urlscan.io logo urlscan.io
SecurityTrails logo

lele43kg.click Open in urlscan Pro
63.250.38.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lele43kg.click/
Effective URL: https://lele43kg.click/
Submission Tags: @ecarlesi possiblethreat #phishing #facebook Search All
Submission: On June 08 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 9 countries across 102 domains to perform 383 HTTP transactions. The main IP is 63.250.38.205, located in United States and belongs to NAMECHEAP-NET, US. The main domain is lele43kg.click.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 7th 2023. Valid for: a year.
This is the only time lele43kg.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51 63.250.38.205 22612 (NAMECHEAP...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 192.104.183.109 10668 (LEE-ASN)
4 104.16.132.24 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 44.213.57.151 14618 (AMAZON-AES)
1 13.225.63.52 16509 (AMAZON-02)
4 13.225.223.151 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 151.101.1.44 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:21e... 16509 (AMAZON-02)
1 52.2.238.35 14618 (AMAZON-AES)
4 52.86.87.176 14618 (AMAZON-AES)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 52.206.37.79 14618 (AMAZON-AES)
3 2600:9000:251... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3 13.35.93.31 16509 (AMAZON-02)
1 20 2603:c020:400... 31898 (ORACLE-BM...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 14 68.67.161.182 29990 (ASN-APPNEX)
1 104.36.115.111 62713 (AS-PUBMATIC)
2 44.208.157.20 14618 (AMAZON-AES)
1 2 23.92.190.69 32475 (SINGLEHOP...)
1 69.166.1.15 27630 (AS-XFERNET)
1 2606:ae80:145... 25751 (VALUECLICK)
2 34.149.20.76 396982 (GOOGLE-CL...)
1 2620:100:a001... 19750 (AS-CRITEO)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 2602:803:c002... 26667 (RUBICONPR...)
2 15 35.244.159.8 15169 (GOOGLE)
1 11 147.28.129.37 54825 (PACKET)
3 2607:f8b0:400... 15169 (GOOGLE)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 5 141.226.224.48 200478 (TABOOLA-AS)
10 3.222.106.255 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.228.136.31 14618 (AMAZON-AES)
1 13 23.199.48.23 16625 (AKAMAI-AS)
2 104.117.182.27 20940 (AKAMAI-ASN1)
10 23.52.158.180 16625 (AKAMAI-AS)
6 104.254.151.69 29990 (ASN-APPNEX)
2 151.101.1.108 54113 (FASTLY)
3 151.101.129.108 54113 (FASTLY)
19 24 142.251.40.194 15169 (GOOGLE)
3 3 35.214.192.219 15169 (GOOGLE)
1 2 50.16.228.60 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 52.72.123.193 14618 (AMAZON-AES)
1 13.225.214.50 16509 (AMAZON-02)
1 3 35.190.60.146 15169 (GOOGLE)
22 25 162.19.138.119 16276 (OVH)
12 13 52.223.40.198 16509 (AMAZON-02)
14 14 67.202.105.21 32748 (STEADFAST)
2 3 67.202.105.32 32748 (STEADFAST)
2 104.18.11.47 13335 (CLOUDFLAR...)
8 23.192.31.127 16625 (AKAMAI-AS)
1 2606:2800:21f... 15133 (EDGECAST)
3 72.247.71.192 16625 (AKAMAI-AS)
8 9 34.200.65.202 14618 (AMAZON-AES)
1 10 69.166.1.12 27630 (AS-XFERNET)
1 1 3.224.253.54 14618 (AMAZON-AES)
7 7 74.121.140.211 30419 (MEDIAMATH...)
3 5 8.28.7.81 62713 (AS-PUBMATIC)
4 4 50.57.31.206 19994 (RACKSPACE)
7 10 34.111.113.62 396982 (GOOGLE-CL...)
1 13.226.34.99 16509 (AMAZON-02)
3 3 199.38.167.131 54312 (ROCKETFUEL)
15 15 35.211.178.172 19527 (GOOGLE-2)
3 8 52.46.128.147 16509 (AMAZON-02)
4 4 198.148.27.139 19189 (PULSEPOINT)
2 3 151.101.194.49 54113 (FASTLY)
2 5 2600:1f18:4e9... 14618 (AMAZON-AES)
5 12 192.40.39.223 27381 (CASALE-MEDIA)
3 3 104.127.172.242 16625 (AKAMAI-AS)
1 67.202.105.34 32748 (STEADFAST)
1 51.222.39.184 16276 (OVH)
5 14 52.223.22.214 16509 (AMAZON-02)
3 3 68.67.178.10 29990 (ASN-APPNEX)
12 12 18.204.107.11 14618 (AMAZON-AES)
9 37 162.248.18.37 62713 (AS-PUBMATIC)
2 2 23.105.14.106 30633 (LEASEWEB-...)
7 7 199.127.204.171 26120 (RHYTHMONE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 2 54.174.155.78 14618 (AMAZON-AES)
1 1 192.96.203.13 30633 (LEASEWEB-...)
8 8 2606:ae80:145... 25751 (VALUECLICK)
1 1 3.237.52.215 14618 (AMAZON-AES)
1 2 35.186.253.211 15169 (GOOGLE)
2 2 3.220.81.91 14618 (AMAZON-AES)
4 4 207.198.113.86 13768 (COGECO-PEER1)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
4 4 173.231.178.81 32475 (SINGLEHOP...)
9 9 162.248.18.32 62713 (AS-PUBMATIC)
7 7 134.122.57.34 14061 (DIGITALOC...)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 52.55.109.177 14618 (AMAZON-AES)
1 1 52.73.187.111 14618 (AMAZON-AES)
2 2 52.73.81.183 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 2 3.233.21.199 14618 (AMAZON-AES)
2 2 34.133.71.175 396982 (GOOGLE-CL...)
1 3 162.248.18.34 62713 (AS-PUBMATIC)
1 54.144.147.217 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
2 2 185.167.164.37 198622 (ADFORM)
1 1 192.132.33.46 18568 (BIDTELLECT)
1 141.95.33.111 16276 (OVH)
1 52.95.118.179 16509 (AMAZON-02)
7 10 8.43.72.98 26667 (RUBICONPR...)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 35.211.233.246 15169 (GOOGLE)
11 34.117.239.71 396982 (GOOGLE-CL...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 70.42.32.63 13789 (INTERNAP-...)
1 1 23.217.42.188 16625 (AKAMAI-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 37.157.6.254 198622 (ADFORM)
1 1 23.105.12.143 30633 (LEASEWEB-...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 104.36.115.123 62713 (AS-PUBMATIC)
1 18.235.41.166 14618 (AMAZON-AES)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 2 35.207.24.140 15169 (GOOGLE)
2 2 8.43.72.97 26667 (RUBICONPR...)
1 74.119.119.139 19750 (AS-CRITEO)
4 2600:9000:202... ()
1 2 2606:4700::68... ()
1 1 172.105.232.22 ()
1 35.186.193.173 ()
1 1 20.85.134.6 ()
1 195.5.165.20 ()
1 23.88.86.2 ()
2 2 104.127.64.185 ()
1 54.210.26.99 ()
1 54.84.121.56 ()
1 54.217.67.170 ()
383 103
51    63.250.38.205 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business63-3.web-hosting.com
lele43kg.click
4    2607:f8b0:4006:821::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com
www.lafourchegazette.com
4    104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.newyork1.vip.townnews.com
4    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    44.213.57.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-57-151.compute-1.amazonaws.com
ad.crwdcntrl.net
1    13.225.63.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-52.ewr53.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
4    13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net
cdn.segment.com
1    2607:f8b0:4006:820::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
4    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2600:9000:21ea:9200:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    52.2.238.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-238-35.compute-1.amazonaws.com
geoip.insticator.com
4    52.86.87.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-87-176.compute-1.amazonaws.com
event.insticator.com
2    2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    52.206.37.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-37-79.compute-1.amazonaws.com
geoip.instiengage.com
cms.instiengage.com
3    2600:9000:2512:3000:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
product.instiengage.com
1    2607:f8b0:4006:806::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
3    13.35.93.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-31.jfk50.r.cloudfront.net
sb.scorecardresearch.com
20    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
insticator.technoratimedia.com
uat-net.technoratimedia.com
sync.technoratimedia.com
2    2606:4700:10::6816:53d (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
14    68.67.161.182 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    44.208.157.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-157-20.compute-1.amazonaws.com
g2.gumgum.com
2    23.92.190.69 (Houston, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    2606:ae80:1451:22::820 (United States)

ASN25751 (VALUECLICK, US)
web.hb.ad.cpe.dotomi.com
2    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2602:803:c002:200::115 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
15    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
insticator-d.openx.net
u.openx.net
us-u.openx.net
11    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    2607:f8b0:4006:823::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
adservice.google.com.kh
1    2607:f8b0:4006:806::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com
tpc.googlesyndication.com
5    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
10    3.222.106.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-106-255.compute-1.amazonaws.com
1x1.a-mo.net
3    2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:822::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.ca
3    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    34.228.136.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-136-31.compute-1.amazonaws.com
protected-by.clarium.io
13    23.199.48.23 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-48-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.117.182.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-27.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
10    23.52.158.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
cs.media.net
6    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
lax1-ib.adnxs.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
24    142.251.40.194 (East White Plains, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
3    35.214.192.219 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 219.192.214.35.bc.googleusercontent.com
csync.loopme.me
2    50.16.228.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-228-60.compute-1.amazonaws.com
bcp.crwdcntrl.net
4    2607:f8b0:4006:81e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.72.123.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-123-193.compute-1.amazonaws.com
sync.crwdcntrl.net
1    13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net
aa.agkn.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
25    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
13    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
14    67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
pixel.33across.com
3    67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
8    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2606:2800:21f:2cf1:7be6:911:71d9:25f7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
3    72.247.71.192 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-71-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
10    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    3.224.253.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-253-54.compute-1.amazonaws.com
rtb.gumgum.com
7    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
10    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    13.226.34.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-99.ewr53.r.cloudfront.net
api.intentiq.com
3    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
15    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
8    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    2600:1f18:4e9:5a05:ad8e:c57c:f41b:3e87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
12    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
3    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
hde.tynt.com
1    51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net
onetag-sys.com
14    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    68.67.178.10 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
12    18.204.107.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-107-11.compute-1.amazonaws.com
match.prod.bidr.io
37    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    23.105.14.106 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.106.rdns.racklot.com
rtb-csync.smartadserver.com
7    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    54.174.155.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-155-78.compute-1.amazonaws.com
ad.360yield.com
1    192.96.203.13 (Fort Scott, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
8    2606:ae80:1451:13::2360 (United States)

ASN25751 (VALUECLICK, US)
synacor-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
1    3.237.52.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-52-215.compute-1.amazonaws.com
aorta.clickagy.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    3.220.81.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-81-91.compute-1.amazonaws.com
sync.ipredictive.com
4    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    173.231.178.81 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
9    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    52.55.109.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-109-177.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    52.73.187.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-187-111.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.73.81.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-81-183.compute-1.amazonaws.com
pm.w55c.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    3.233.21.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-21-199.compute-1.amazonaws.com
thrtle.com
2    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
3    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    54.144.147.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-147-217.compute-1.amazonaws.com
rtb.adentifi.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
1    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
10    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
11    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    23.217.42.188 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-42-188.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-global.smartadserver.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    104.36.115.123 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    18.235.41.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-41-166.compute-1.amazonaws.com
prebid-server.rubiconproject.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
4    2600:9000:202c:6400:17:5bae:c7c0:93a1 (None, )

ASN- ()
static.instiengage.com
2    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    172.105.232.22 (None, )

ASN- ()
gocm.c.appier.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    20.85.134.6 (None, )

ASN- ()
mweb.ck.inmobi.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
2    104.127.64.185 (None, )

ASN- ()
px.owneriq.net
1    54.210.26.99 (None, )

ASN- ()
crb.kargo.com
1    54.84.121.56 (None, )

ASN- ()
sync.bfmio.com
1    54.217.67.170 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
Apex Domain
Subdomains		 Transfer
59 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 545
ads.pubmatic.com — Cisco Umbrella Rank: 541
image6.pubmatic.com — Cisco Umbrella Rank: 786
image2.pubmatic.com — Cisco Umbrella Rank: 971
simage2.pubmatic.com — Cisco Umbrella Rank: 730
image8.pubmatic.com — Cisco Umbrella Rank: 712
image4.pubmatic.com — Cisco Umbrella Rank: 1167
ow.pubmatic.com — Cisco Umbrella Rank: 2365
simage4.pubmatic.com
51 KB
51 lele43kg.click
lele43kg.click
476 KB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
cm.g.doubleclick.net — Cisco Umbrella Rank: 248
160 KB
28 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
lax1-ib.adnxs.com — Cisco Umbrella Rank: 2109
cdn.adnxs.com — Cisco Umbrella Rank: 1632
acdn.adnxs.com — Cisco Umbrella Rank: 600
secure.adnxs.com — Cisco Umbrella Rank: 472
129 KB
27 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4542
ssc-cms.33across.com — Cisco Umbrella Rank: 1135
pixel.33across.com — Cisco Umbrella Rank: 3719
events-ssc.33across.com — Cisco Umbrella Rank: 2347
10 KB
25 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 427
35 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 526
eus.rubiconproject.com — Cisco Umbrella Rank: 627
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1112
pixel.rubiconproject.com — Cisco Umbrella Rank: 375
token.rubiconproject.com — Cisco Umbrella Rank: 636
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 983
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1154
53 KB
24 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 992
assets.a-mo.net — Cisco Umbrella Rank: 2205 Failed
1x1.a-mo.net — Cisco Umbrella Rank: 3130
66 KB
23 media.net
contextual.media.net — Cisco Umbrella Rank: 654
warp.media.net — Cisco Umbrella Rank: 2642
lg3.media.net — Cisco Umbrella Rank: 6306
hblg.media.net — Cisco Umbrella Rank: 2114
cs.media.net — Cisco Umbrella Rank: 1595
301 KB
21 technoratimedia.com
insticator.technoratimedia.com — Cisco Umbrella Rank: 27368
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 5402
uat-net.technoratimedia.com — Cisco Umbrella Rank: 3326
sync.technoratimedia.com — Cisco Umbrella Rank: 1560
42 KB
17 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 24575
u.openx.net — Cisco Umbrella Rank: 723
us-u.openx.net — Cisco Umbrella Rank: 491
rtb.openx.net — Cisco Umbrella Rank: 1149
4 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 356
7 KB
14 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 406
6 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 334
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 454
5 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 385
7 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 589
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 490
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612
dsum.casalemedia.com — Cisco Umbrella Rank: 1549
ssum.casalemedia.com — Cisco Umbrella Rank: 1360
11 KB
12 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 588
7 KB
11 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2141
sync.go.sonobi.com — Cisco Umbrella Rank: 1072
12 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 511
2 KB
10 instiengage.com
geoip.instiengage.com — Cisco Umbrella Rank: 23992
auth.instiengage.com — Cisco Umbrella Rank: 21239
product.instiengage.com
static.instiengage.com
cms.instiengage.com
285 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1023
6 KB
9 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3588
synacor-match.dotomi.com — Cisco Umbrella Rank: 6661
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4235
33across-match.dotomi.com — Cisco Umbrella Rank: 4299
3 KB
8 googlesyndication.com
4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
40 KB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 959
trc.taboola.com — Cisco Umbrella Rank: 632
trc-events.taboola.com — Cisco Umbrella Rank: 1944
sync.taboola.com — Cisco Umbrella Rank: 1077
224 KB
7 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2485
4 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 548
4 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 742
gum.criteo.com — Cisco Umbrella Rank: 413
dis.criteo.com — Cisco Umbrella Rank: 602
mug.criteo.com — Cisco Umbrella Rank: 2161
8 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 630
4 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 26961
event.insticator.com — Cisco Umbrella Rank: 21157
416 B
5 google.com
ampcid.google.com — Cisco Umbrella Rank: 2285
adservice.google.com — Cisco Umbrella Rank: 106
www.google.com — Cisco Umbrella Rank: 3
2 KB
4 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2693
2 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1598
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 729
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 625
4 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1334
3 KB
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1824
hde.tynt.com — Cisco Umbrella Rank: 4535
6 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1612
34 KB
4 crwdcntrl.net
ad.crwdcntrl.net — Cisco Umbrella Rank: 7454
bcp.crwdcntrl.net — Cisco Umbrella Rank: 948
sync.crwdcntrl.net — Cisco Umbrella Rank: 937
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
4 townnews.com
bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 16161
176 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
273 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 390
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 626
cm.adform.net — Cisco Umbrella Rank: 1230
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1017
1 KB
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 614
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1690
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 748
855 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 940
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 433
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 727
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 999
706 B
3 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1810
rtb.gumgum.com — Cisco Umbrella Rank: 1585
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 157
3 KB
3 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 92252
www.google.ca — Cisco Umbrella Rank: 7982
885 B
3 cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
145 KB
2 owneriq.net
px.owneriq.net
2 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1152
900 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 562
58 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1813
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 569
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5853
969 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 953
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1426
683 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 991
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 840
882 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1043
1023 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 670
671 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1292
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 692
cdn.indexww.com — Cisco Umbrella Rank: 1661
2 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2331
759 B
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1552 Failed
489 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 724
1 KB
2 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 8995
143 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1528
97 KB
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
397 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
504 B
1 truffle.bid
matching.truffle.bid
1 iprom.net
core.iprom.net
279 B
1 inmobi.com
mweb.ck.inmobi.com
349 B
1 ctnsnet.com
ipac.ctnsnet.com
370 B
1 appier.net
gocm.c.appier.net
396 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4422
463 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2433
573 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 578
755 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
671 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1101
401 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 956
351 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1278
35 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2881
308 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1494
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 758
932 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1544
342 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 817
593 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1156
221 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4646
393 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2283
435 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3051
426 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 834
815 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1616
703 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 529
721 B
1 google.com.kh
adservice.google.com.kh — Cisco Umbrella Rank: 228417
532 B
1 lafourchegazette.com
www.lafourchegazette.com
49 B
383 102
Domain Requested by
51 lele43kg.click 1 redirects lele43kg.click
27 simage2.pubmatic.com 7 redirects ads.pubmatic.com
25 id5-sync.com 22 redirects d3lcz8vpax4lo2.cloudfront.net
24 cm.g.doubleclick.net 19 redirects bcp.crwdcntrl.net
us-u.openx.net
eb2.3lift.com
15 x.bidswitch.net 15 redirects
14 sync.technoratimedia.com 1 redirects us-u.openx.net
eb2.3lift.com
hde.tynt.com
ads.pubmatic.com
14 eb2.3lift.com 5 redirects ad-cdn.technoratimedia.com
ads.pubmatic.com
eb2.3lift.com
14 ib.adnxs.com 6 redirects d3lcz8vpax4lo2.cloudfront.net
acdn.adnxs.com
13 ssc-cms.33across.com 13 redirects
13 us-u.openx.net 1 redirects d3lcz8vpax4lo2.cloudfront.net
us-u.openx.net
ad-cdn.technoratimedia.com
13 match.adsrvr.org 12 redirects d3lcz8vpax4lo2.cloudfront.net
13 contextual.media.net 1 redirects lele43kg.click
contextual.media.net
12 match.prod.bidr.io 12 redirects
11 events-ssc.33across.com de.tynt.com
hde.tynt.com
eus.rubiconproject.com
11 prebid.a-mo.net 1 redirects d3lcz8vpax4lo2.cloudfront.net
10 image2.pubmatic.com 2 redirects ads.pubmatic.com
10 pixel.tapad.com 7 redirects us-u.openx.net
ads.pubmatic.com
10 sync.go.sonobi.com 1 redirects
10 1x1.a-mo.net lele43kg.click
9 image8.pubmatic.com 9 redirects
9 ups.analytics.yahoo.com 8 redirects us-u.openx.net
8 s.amazon-adsystem.com 3 redirects us-u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
8 eus.rubiconproject.com d3lcz8vpax4lo2.cloudfront.net
eus.rubiconproject.com
ad-cdn.technoratimedia.com
de.tynt.com
hde.tynt.com
7 match.adsby.bidtheatre.com 7 redirects
7 sync.mathtag.com 7 redirects
6 pixel.rubiconproject.com 3 redirects
6 lax1-ib.adnxs.com lele43kg.click
cdn.adnxs.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 sync.1rx.io 5 redirects
5 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 2 redirects us-u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 static.instiengage.com
4 33across-match.dotomi.com 4 redirects
4 a.sportradarserving.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 cm.adgrx.com 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 uat-net.technoratimedia.com eus.rubiconproject.com
4 bh.contextweb.com 4 redirects
4 uipglob.semasio.net 4 redirects
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 lg3.media.net lele43kg.click
contextual.media.net
4 gum.criteo.com 2 redirects cdn.taboola.com
static.criteo.net
4 event.insticator.com d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
4 securepubads.g.doubleclick.net lele43kg.click
d2na2p72vtqyok.cloudfront.net
securepubads.g.doubleclick.net
4 cdn.segment.com lele43kg.click
cdn.segment.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
lele43kg.click
4 bloximages.newyork1.vip.townnews.com lele43kg.click
4 www.googletagmanager.com lele43kg.click
www.googletagmanager.com
3 px.ads.linkedin.com 1 redirects eb2.3lift.com
3 ad.turn.com 3 redirects
3 secure.adnxs.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 p.rfihub.com 3 redirects
3 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
ad-cdn.technoratimedia.com
ads.pubmatic.com
3 de.tynt.com 2 redirects d3lcz8vpax4lo2.cloudfront.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 csync.loopme.me 3 redirects
3 acdn.adnxs.com lele43kg.click
d3lcz8vpax4lo2.cloudfront.net
3 www.google.com lele43kg.click
tpc.googlesyndication.com
3 assets.a-mo.net lele43kg.click
prebid.a-mo.net
3 trc-events.taboola.com lele43kg.click
3 stats.g.doubleclick.net www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
lele43kg.click
2 px.owneriq.net 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 static.criteo.net d3lcz8vpax4lo2.cloudfront.net
static.criteo.net
2 ads.betweendigital.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 pippio.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 rtb.openx.net 1 redirects us-u.openx.net
2 sync.taboola.com 1 redirects
2 synacor-match.dotomi.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 rtb-csync.smartadserver.com 2 redirects
2 idsync.rlcdn.com bcp.crwdcntrl.net
us-u.openx.net
2 bcp.crwdcntrl.net 1 redirects lele43kg.click
2 cs.media.net contextual.media.net
2 hblg.media.net lele43kg.click
2 cdn.adnxs.com lele43kg.click
2 warp.media.net lele43kg.click
2 qsearch-a.akamaihd.net lele43kg.click
2 www.google.ca lele43kg.click
2 protected-by.clarium.io lele43kg.click
2 ssc.33across.com d3lcz8vpax4lo2.cloudfront.net
2 ap.lijit.com 1 redirects d3lcz8vpax4lo2.cloudfront.net
2 g2.gumgum.com d3lcz8vpax4lo2.cloudfront.net
2 ex.ingage.tech d3lcz8vpax4lo2.cloudfront.net
2 insticator.technoratimedia.com d3lcz8vpax4lo2.cloudfront.net
2 auth.instiengage.com d2na2p72vtqyok.cloudfront.net
auth.instiengage.com
2 geoip.instiengage.com d2na2p72vtqyok.cloudfront.net
product.instiengage.com
2 cdn.confiant-integrations.net d2na2p72vtqyok.cloudfront.net
cdn.confiant-integrations.net
2 d3lcz8vpax4lo2.cloudfront.net d2na2p72vtqyok.cloudfront.net
2 cdn.taboola.com lele43kg.click
cdn.taboola.com
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 cms.instiengage.com product.instiengage.com
1 product.instiengage.com d2na2p72vtqyok.cloudfront.net
1 mug.criteo.com
1 prebid-server.rubiconproject.com
1 ow.pubmatic.com
1 ssum.casalemedia.com 1 redirects
1 ads.playground.xyz 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 cm.adform.net
1 id.a-mx.com 1 redirects
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 aax-eu.amazon-adsystem.com
1 lb.eu-1-id5-sync.com d3lcz8vpax4lo2.cloudfront.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 id.rlcdn.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 sync.aralego.com 1 redirects
1 onetag-sys.com ad-cdn.technoratimedia.com
1 hde.tynt.com ad-cdn.technoratimedia.com
1 pixel.33across.com 1 redirects
1 api.intentiq.com
1 rtb.gumgum.com 1 redirects
1 ad-cdn.technoratimedia.com d3lcz8vpax4lo2.cloudfront.net
1 js-sec.indexww.com d3lcz8vpax4lo2.cloudfront.net
1 aa.agkn.com bcp.crwdcntrl.net
1 sync.crwdcntrl.net bcp.crwdcntrl.net
1 u.openx.net 1 redirects
1 4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.com.kh securepubads.g.doubleclick.net
1 trc.taboola.com cdn.taboola.com
1 insticator-d.openx.net d3lcz8vpax4lo2.cloudfront.net
1 fastlane.rubiconproject.com d3lcz8vpax4lo2.cloudfront.net
1 htlb.casalemedia.com d3lcz8vpax4lo2.cloudfront.net
1 bidder.criteo.com d3lcz8vpax4lo2.cloudfront.net
1 web.hb.ad.cpe.dotomi.com d3lcz8vpax4lo2.cloudfront.net
1 apex.go.sonobi.com d3lcz8vpax4lo2.cloudfront.net
1 hbopenbid.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
1 ampcid.google.ca www.google-analytics.com
1 geoip.insticator.com d2na2p72vtqyok.cloudfront.net
1 ampcid.google.com www.google-analytics.com
1 d2na2p72vtqyok.cloudfront.net lele43kg.click
1 ad.crwdcntrl.net lele43kg.click
1 www.lafourchegazette.com lele43kg.click
0 api.rlcdn.com Failed d3lcz8vpax4lo2.cloudfront.net
383 174
Subject Issuer Validity Valid
lele43kg.click
Sectigo RSA Domain Validation Secure Server CA		 2023-06-07 -
2024-06-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
lafourchegazette.com
GTS CA 1P5		 2023-04-25 -
2023-07-24		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2023-05-09 -
2024-05-24		 a year crt.sh
*.google.ca
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-05-05 -
2023-08-03		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-22 -
2024-05-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.a-mo.net
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
*.google.com.kh
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh

This page contains 61 frames:

Primary Page: https://lele43kg.click/
Frame ID: 5A68964ACA5A823AB5F02C41AF991A3F
Requests: 147 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 40F646E00806C914674BFDF06739880C
Requests: 2 HTTP requests in this frame

Frame: https://4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D69DAC4EBB420536ED1014BD1FFCBC23
Requests: 1 HTTP requests in this frame

Frame: https://assets.a-mo.net/js/c.js
Frame ID: BA703CA67E4B1BDE8F3F1B3F976F0958
Requests: 2 HTTP requests in this frame

Frame: https://assets.a-mo.net/js/c.js
Frame ID: D49955801A0D13DB42F1894F64906467
Requests: 2 HTTP requests in this frame

Frame: https://assets.a-mo.net/js/c.js
Frame ID: ED3BD29C98DCE2A28383342AC790A968
Requests: 14 HTTP requests in this frame

Frame: https://assets.a-mo.net/js/c.js
Frame ID: 309987BA2384A434CF301CF554E87A7F
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619596932451&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Frame ID: E91623AF91DE624304C0BB0F038BF21F
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 6D391B00B08E2FB49BA6EF463D0AA74C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Frame ID: F08BEE737BD8387F01223E7FCBCF8E83
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619135940065&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Frame ID: 0BD4CC975661040D2B1D2CFFC1E69DB4
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0210BEAAE4A18A1CF491392A964D920C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Frame ID: 7F85E55A1A1E5FB99A9496591360853A
Requests: 3 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
Frame ID: 0BBF7309654B0B1086BC05DEC8726BAB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9EA6850F3C64D057820A8361296A4AD2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D88F25994B5AB53A5F2E1F54D031C29
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 93F8D5A44AB139B7BFA01DE37AD4AE50
Requests: 15 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Frame ID: 8CDDECF1EA6417F9B034BBAC85D2A850
Requests: 7 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 5BDE991DD2ED771D5D5AB0541C2C6542
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5B012FAC9309D5B3B5C38F4C15CD500F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B84944B6340BE0928F04C3993022E9F1
Requests: 10 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Frame ID: 59F775775ED54F3FE9DF989AF1AA7AFE
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D5A2D4C2413585F87982841C936B7E82
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: 56715ECAADDA956CB84283C1F6B173F1
Requests: 21 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6D73CB6F28DF0D50E5F0C54C059F5F56
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: A897B90B896DDA25C605D9AEA807A566
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Frame ID: EB7A3AC3CCFA1F6FB0E83BDB190E78FF
Requests: 6 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Frame ID: 4BB405316ED5A86EFC5E6B11009FF0F9
Requests: 12 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Frame ID: DDB218FA3DF1368F70119CA73AC06551
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 1CA62B508C9BD4FA0DD499FA6CE459EE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Frame ID: 41276EF10A3FD850959E0C9A26DE1CA7
Requests: 12 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 400F3889443B8F0FF9A6F16377CB5959
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266893378216
Frame ID: 0FB29A1E1DDD2DB47930241B1DD4830E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=814511A8-C31A-4637-B47D-25B872926F86&redir=true&gdpr=0&gdpr_consent=
Frame ID: F00B0EBED9B470DFFE499B03074DFBD1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAZYU7JAnwAACBq72dMAA&gdpr=0&gdpr_consent=
Frame ID: 3F5692C2E7C2DEAAA3DB23E363E3D0FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2c146481-3e06-4900-8289-22511a19c681&gdpr=0&gdpr_consent=
Frame ID: 22C58B4B59DBD3A51C502231E549D2C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4631962839502029404&gdpr=0&gdpr_consent=
Frame ID: 1169B6B70694A592977239E9980DF927
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:86998ab2-67ac-4860-b5b1-c0e04acbcb2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: D5702E91ABCC762B7D0280E30D59304D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4AC4CC8B92C01D3B51798652C236FEEE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH
Frame ID: EBCB14ED67B7F0F66AE7D07E2418DC7D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C99A3FEE986335CEF6A280E2730DA912
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc072b6d-f6c5-4e02-a8d6-ad0fd77abb05&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Frame ID: 71002D01E3F05ACD510C319A3E5FF607
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Frame ID: 819F5C3A3D9A219A483AFD78E1082A03
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:29601ca6-f1d9-4b30-843f-8161c2753544&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: F1D15595354ACD6993A3A555E19CE998
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=788868412309
Frame ID: 35886EDAA091C15906E2E520966D43CD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0eb2aef2-b7a7-465c-bd8c-dd115fa267c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: 5834DEA41E5E3A341CE487FFE33A546A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2608577EE42CB334E23E5BD59BB6F9CD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 222732657C6F8D3DCA6393C9A77CD2D3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: DB9407943E3A333BC481C491B8FB1CCD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lele43kg.click
Frame ID: BD56B5B12050C579201F5D07056A0E5A
Requests: 2 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/40c1ddd3-f53e-4cc2-99cf-8551b04a81fa.js
Frame ID: FA7FB2E1C975A6BD79AB8760DC1C86F0
Requests: 7 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 29CC08DCFA959AF65B5C6E5DE69F9388
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
Frame ID: 49E9EA68115AD07DD4B19CADDADF208B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=h5DgE261CqKl5rguCj6BZA
Frame ID: 97BE90B01A3E2EF2DB7827AEFA755199
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 35B1D7E0883B0050B2E8F079A7333B83
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cdeb25d2-bd1d-401c-8cb5-5c9394554111
Frame ID: FA54DE6B7FC9427279E5D3667E42AC5D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 6878C4644064A41DD47D8F741DAEF050
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 4039950CB0419829EE780CD6E2469242
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7394780251444984451
Frame ID: 15BE71C4DB1BF966FFEBD3D98B22CE32
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82&gdpr=0&gdpr_consent=
Frame ID: E4F6AD3C7FCA9E2A1FE35C5D8B1B3C7B
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=$UID$
Frame ID: CF89F861C19B93D09DD4870F41E67A08
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

New restaurant aiming to serve fresh, homemade Louisiana dishes | Human Interest | lafourchegazette.com

Page URL History Show full URLs

  1. http://lele43kg.click/ HTTP 301
    https://lele43kg.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

383
Requests

71 %
HTTPS

22 %
IPv6

102
Domains

174
Subdomains

103
IPs

9
Countries

2673 kB
Transfer

7502 kB
Size

227
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lele43kg.click/ HTTP 301
    https://lele43kg.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686191618991&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flele43kg.click%2F&c8=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686191618991&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flele43kg.click%2F&c8=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&c9=
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzI5MTkzMjE5MTQ1NTIyNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEKMg7ZYilO8UhqGPNrUblU0&google_cver=1
Request Chain 160
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=2bf58bee-ca3b-40ab-8e31-dd6b0cdc5d38&type=loop&gdpr_consent=null&gdpr=0
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzI5MTkzMjE5MTQ1NTIyNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENcOtvd6GPqVl71bVfuJzu8&google_cver=1
Request Chain 168
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=cb9a152d-f5fa-46d5-9861-40933242175c&type=loop&gdpr_consent=null&gdpr=0
Request Chain 180
  • https://bcp.crwdcntrl.net/5/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
Request Chain 185
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=3568007f-6cb8-46a5-a6f6-9b5fd4b4a4c1/gdpr=0
Request Chain 201
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 207
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58645/occ?verify=true HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-hirM3MxE2uHKwUjao0aYPXGegQculCfLsDZCDx0-~A
Request Chain 208
  • https://id5-sync.com/s/441/9.gif?puid=u_95cbaf0b-c0ff-42bf-8394-b545735ebeba&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_95cbaf0b-c0ff-42bf-8394-b545735ebeba&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%%
Request Chain 209
  • https://id5-sync.com/s/434/9.gif?puid=d9412701-94e5-4cdb-9ec1-9bc534e67e66&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=d9412701-94e5-4cdb-9ec1-9bc534e67e66&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/8/2.gif?puid=u_f4a778f1-d736-425b-91f4-c298444b4d15&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/434/434/7/3.gif?puid=d9412701-94e5-4cdb-9ec1-9bc534e67e66&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/3/6/4.gif?puid=2c146481-3e06-4900-8289-22511a19c681&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F4%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/4/6.gif?puid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/3/7.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/3/7.gif?puid=4631962839502029404&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/112/2/8.gif?puid=25E6484A784C2D49&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/1/9.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=2c146481-3e06-4900-8289-22511a19c681&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
Request Chain 210
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=d9412701-94e5-4cdb-9ec1-9bc534e67e66 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=d9412701-94e5-4cdb-9ec1-9bc534e67e66 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7cac19b-b603-4e70-8c51-b566d7991c42%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZDk0MTI3MDEtOTRlNS00Y2RiLTllYzEtOWJjNTM0ZTY3ZTY2 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFAlpnFkYuJ-fSN2ya4z7mQ&google_cver=1
Request Chain 213
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907266893378216
Request Chain 214
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=2c146481-3e06-4900-8289-22511a19c681
Request Chain 215
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&google_hm=MzRmYzRlN2UtNjFjYS00YTFjLThjMDAtODE2M2ViY2QyZTFk HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAGxvyjxltC7aN7CeOuVXBQ&google_cver=1&ssp=sonobi&bsw_param=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
Request Chain 216
  • https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
Request Chain 217
  • https://id5-sync.com/s/441/9.gif?puid=u_f4a778f1-d736-425b-91f4-c298444b4d15&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_f4a778f1-d736-425b-91f4-c298444b4d15&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/8/2.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/6/4.gif?puid=4631962839502029404&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/5/5.gif?puid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/4/6.gif?puid=25E6484A784C2D49&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/3/7.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/2/8.gif?puid=25E6484A784C2D49&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/1/9.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
Request Chain 218
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=d9412701-94e5-4cdb-9ec1-9bc534e67e66&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=LWdCTkJGR3phVTJSdkhvMk80aEtMdw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMzT4vzL4RhKrP0q8CGpNjQ&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b3OwQ2zeK7XC
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&pubid=e315a43aa9
Request Chain 222
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZIE_BgAAAVBsyQAD HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIE_BgAAAVBsyQAD&_test=ZIE_BgAAAVBsyQAD
Request Chain 224
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7fc8a111-4aec-cb19-00b2-ea332f216005 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7fc8a111-4aec-cb19-00b2-ea332f216005&dcc=t
Request Chain 225
  • https://match.adsrvr.org/track/cmf/openx?oxid=271edd6c-5646-70e3-c0bc-68a44712abe5&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=271edd6c-5646-70e3-c0bc-68a44712abe5&gdpr=0&gdpr_consent=
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE-OG-uZ9EyemLBIPt41DvI&google_cver=1
Request Chain 228
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 231
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 234
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Request Chain 236
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Request Chain 237
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=b34041a6-af38-4471-a315-26c52a34e8cb
Request Chain 238
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D46%26uid%3D%24UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4631962839502029404
Request Chain 239
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Request Chain 240
  • https://match.prod.bidr.io/cookie-sync/syn HTTP 303
  • https://match.prod.bidr.io/cookie-sync/syn?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCTXNVN0pBbndBQUNQUUNjTXFNdw&bee_sync_partners=pm%2Cpp%2Csas%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAZYU7JAnwAACBq72dMAA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Csyn%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Csyn&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAZYU7JAnwAACBq72dMAA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAZYU7JAnwAACBq72dMAA&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAZYU7JAnwAACBq72dMAA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5249688979620387262 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAZYU7JAnwAACBq72dMAA
Request Chain 241
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&zcc=1&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D&cb=1686191622482 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4334878104 HTTP 302
  • https://sync.1rx.io/usersync/turn/3858709253814425740?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
Request Chain 242
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=ebe04054-6d62-42bf-bdf5-ba912b945d84
Request Chain 243
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-BmRDi8NE2uH9Rdb9EUm8VqzS5kspX9RO~A
Request Chain 244
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D&s=191740&C=1 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
Request Chain 245
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=568200899A48499D9AF846BF5A46F6A4&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D37%26uid%3DUCFUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=3847c52f-0a8e-3bbf-a4bc-700cb1fe6d7b
Request Chain 246
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=568200899A48499D9AF846BF5A46F6A4 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dsynacor%26bsw_param%3D34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2c146481-3e06-4900-8289-22511a19c681&expires=30&ssp=synacor&bsw_param=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent= HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
Request Chain 247
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4&rurl=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D49%26uid%3D HTTP 302
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=5dfd8e5b522923d7&is_secure=true&networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4&rurl=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D49%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAALvZ70u6BM7ANnCHsOAAAAAAA&expiration=1686278022&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
Request Chain 248
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=568200899A48499D9AF846BF5A46F6A4&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3291932191455225000V10
Request Chain 251
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=3890e989-043c-4cad-b629-f3e5a320a5d4&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:7ae9487e1da890a20c2998098f12b890
Request Chain 252
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-EhXUP_Ayc0myCQTlAuRXw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 253
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=2c146481-3e06-4900-8289-22511a19c681
Request Chain 254
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=7f92afef-9364-4386-8150-dd0122f445b4
Request Chain 255
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341&gdpr=0&gdpr_consent=
Request Chain 258
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=72d8a20a-9b01-4683-9fc5-e8577e89ca3d HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=fbe365a26dff210189195752cfaf0fc7d340d788bee626f0d42495c5dd22b5fb791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmYmUzNjVhMjZkZmYyMTAxODkxOTU3NTJjZmFmMGZjN2QzNDBkNzg4YmVlNjI2ZjBkNDI0OTVjNWRkMjJiNWZiNzkxNDI2YjU0MTdkY2UyMRAAGgwIhvyEpAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmYmUzNjVhMjZkZmYyMTAxODkxOTU3NTJjZmFmMGZjN2QzNDBkNzg4YmVlNjI2ZjBkNDI0OTVjNWRkMjJiNWZiNzkxNDI2YjU0MTdkY2UyMRAAGgwIhvyEpAYSBAgCEABCAEoA&google_gid=CAESEOl8EXZE1eGHQlMzZeVNviA&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=8ee6b949-4b46-4379-beb8-acfbc8a9520c
Request Chain 259
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4631962839502029404
Request Chain 260
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4002824441890281612&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 262
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266893378216
Request Chain 264
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBWllVN0pBbndBQUNCcTcyZE1BQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAZYU7JAnwAACBq72dMAA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAZYU7JAnwAACBq72dMAA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAZYU7JAnwAACBq72dMAA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5249688979620387262&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAZYU7JAnwAACBq72dMAA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D5249688979620387262%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=5249688979620387262&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAZYU7JAnwAACBq72dMAA&gdpr=0&gdpr_consent=
Request Chain 265
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2c146481-3e06-4900-8289-22511a19c681&gdpr=0&gdpr_consent=
Request Chain 266
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4631962839502029404&gdpr=0&gdpr_consent=
Request Chain 267
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e26abfe0-05a4-11ee-bade-24febccff229 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:86998ab2-67ac-4860-b5b1-c0e04acbcb2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 269
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH
Request Chain 271
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc072b6d-f6c5-4e02-a8d6-ad0fd77abb05&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Request Chain 272
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Request Chain 273
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6rjQHPZV1Q75t45&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:29601ca6-f1d9-4b30-843f-8161c2753544&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 274
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=788868412309
Request Chain 275
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0eb2aef2-b7a7-465c-bd8c-dd115fa267c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 276
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gUURqMMaRje0fSW4cpJvhg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 278
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=814511A8-C31A-4637-B47D-25B872926F86 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Db7cac19b-b603-4e70-8c51-b566d7991c42%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4631962839502029404&pt=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
Request Chain 280
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=814511A8-C31A-4637-B47D-25B872926F86&vxii_pid=12&vxii_pid1=10067&vxii_rcid=a1fc2586-c334-45bf-a43e-de6f79a70405
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODE0NTExQTgtQzMxQS00NjM3LUI0N0QtMjVCODcyOTI2Rjg2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl-y4BpPf148Kae20Mt1MM&google_cver=1
Request Chain 283
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82
Request Chain 284
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3786651659776497804&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=
Request Chain 286
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=814511A8-C31A-4637-B47D-25B872926F86&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-r.G9Y8pE2uXKdoT3VaE7ORlC_Wh87UE-~A&gdpr=0
Request Chain 288
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1277e1e5cb0723cb&is_secure=true&networkId=17100&version=1&nuid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMt2Bu-3RrPAMcPFOVAAAAAAA&expiration=1686278022&nuid=814511A8-C31A-4637-B47D-25B872926F86&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 289
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=87de3df3-e2af-46c9-a49e-b3655b72ede0&gdpr=0&gdpr_consent=
Request Chain 291
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907266893378216&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6df6bfba-8d99-4840-9353-a097ef652909&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 292
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa35321c-afbf-49b0-82f9-ec4ad716d5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 293
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_103ECB19B_119C40225&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 294
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8382746492207882041 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8d0f88b5-cb6c-4ff2-8062-04930aefb8da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 295
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b34041a6-af38-4471-a315-26c52a34e8cb&expiration=1688783622&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPxJThdHQ-1MqKDY20i6EbY&google_cver=1
Request Chain 298
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIE.BmLM1L.R1bfTJov76gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHalP-TlB5Qp47SPItJyJsc&google_cver=1&google_hm=2
Request Chain 299
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=0a26c837-ae76-4667-85cc-15af33f4d392
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB
Request Chain 301
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=e26abfe0-05a4-11ee-bade-24febccff229
Request Chain 302
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIE.BmLM1L.R1bfTJov76gAA%26025&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a909008d-e9c1-4430-b5d8-3fd77bd00b64-tuctb7ac386
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ4oQeQ2IV7hf56oRoimHao&google_cver=1
Request Chain 307
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/p05fRzY7ZOhL2k3Vd9Vk9g?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Vr8KYKdE2oJVpxhEicUGdcmIWPZfkv4sPLYN0Q--~A
Request Chain 308
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=&expires=30
Request Chain 309
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2YyYzNhMDllZmFhYmQ5MDY2OTk4Mzg3ZjFmMjAxZDA1MTk0YTk2OA
Request Chain 310
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMIYBWU-D-5ZWW
Request Chain 311
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G9vHcm-IR-CF4JnSvrWU0A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G9vHcm-IR-CF4JnSvrWU0A
Request Chain 312
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNSVlCV1UtRC01WldX HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPvwwnTzfpr2kQzfV13sKu0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNSVlCV1UtRC01WldX&google_push=
Request Chain 313
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 314
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4585e617-3341-4ca1-b1ef-309b2791d10e&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 315
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686191622503.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
Request Chain 316
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 317
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=13e9b3f2147322b5&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMVJx7GF0CtQN8gqoHAAAAAAA&expiration=1686278022&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMVJx7GF0CtQN8gqoHAAAAAAA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 318
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=900646733431918560144 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b34041a6-af38-4471-a315-26c52a34e8cb&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 320
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAwNjQ2NzMzNDMxOTE4NTYwMTQ0 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnGk375HOAnMeTUAPsXqO0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 322
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAwNjQ2NzMzNDMxOTE4NTYwMTQ0
Request Chain 323
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=900646733431918560144&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=900646733431918560144&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 324
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=900646733431918560144&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4585e617-3341-4ca1-b1ef-309b2791d10e&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 326
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/900646733431918560144?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-DtAyErRE2oRruSfeEpgQr3Fx0M53k.SikaqYhXq.qA--~A&dongle=0883
Request Chain 327
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=liPiJbp-cuxdTIr1KPrS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NRUVA2KKMJYC2Y3VPBSFISLSGFFVA4ST&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NRUVA2KKMJYC2Y3VPBSFISLSGFFVA4ST HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=liPiJbp-cuxdTIr1KPrS
Request Chain 328
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4631962839502029404&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 331
  • https://id.a-mx.com/usync?uid=1080a888-fdbd-4f30-873e-e8f15b92e8e7&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/cchain/0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F3%252F54%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D1080a888-fdbd-4f30-873e-e8f15b92e8e7%2526bidder%253Dpubmatic%2526cbx%253D%2526uid%253D%2523PMUID HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a95b8b6-7082-4b3b-9e2b-27c4642f34fd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 332
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=1080a888-fdbd-4f30-873e-e8f15b92e8e7&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=836f6ed5-e911-529f-a3a3-0b0ac722350d&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 333
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1080a888-fdbd-4f30-873e-e8f15b92e8e7 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-iEl_BzRE2uGV4RzU3WbpqPLpTaqxpsV8im6l3YY-~A&gdpr=0
Request Chain 334
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LIMIYBWU-D-5ZWW&gdpr=0
Request Chain 336
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=smartadserver&uid=5249688979620387262
Request Chain 337
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D1080a888-fdbd-4f30-873e-e8f15b92e8e7%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4631962839502029404 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dpubmatic%26uid%3D814511A8-C31A-4637-B47D-25B872926F86 HTTP 302
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=pubmatic&uid=814511A8-C31A-4637-B47D-25B872926F86
Request Chain 338
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=index_rtb&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
Request Chain 339
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=sovrn&uid=Gx3ZbBZHkDR_nnX7RLOr2mvA
Request Chain 340
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=appnexus&uid=4631962839502029404
Request Chain 345
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 346
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=06dd0459-939d-426d-8412-cf897203e0a1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 347
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 348
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=68a136e21ba7212c&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMu6PTwWw0mAMWn7lZAAAAAAA&expiration=1686278022&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMu6PTwWw0mAMWn7lZAAAAAAA&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 349
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=900646733431918560144 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 350
  • https://ssc-cms.33across.com/ps/?_=1686191622647.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212179885728245
Request Chain 351
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686191622647.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
Request Chain 352
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&khaos=LIMIYBWU-D-5ZWW HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LIMIYBWU-D-5ZWW
Request Chain 355
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LIMIYBWU-D-5ZWW HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LIMIYBWU-D-5ZWW HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIMIYBWU-D-5ZWW&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 359
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lele43kg.click&sn=ChromeSyncframe&so=0&topUrl=lele43kg.click&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=uvEncnxiZkpNeGFkenRZcE56R012ajBIVmV1eTQvQ2hxWlpHUExpZ0k1VVMwaWkvT0pscXFMRGRDaXZCdTQwMjRmemFQU2hWZFZoSTlCNXJFL2FKZHpQQWRlLzZpNnFpQjdiNG5zRUQzYXQwR2FDNXZBVG5TWW9yMHcrbFAzM0kxajE3K1VDejlWR2treWlqMFcyM0tzZm5jeU93ZFlBQXBZTjBGd0V0MS81ZmlCVG5hbnFkcGZrNHZ3ZDNlZkhlMkZidUx3am5nM1g1a0hIVWppNG5yNEVXTk5GNlRBbEZMYlNkZU4xN3NDWFNWRnNkNXRpNVdQV2tLaElLa0U1YU0ydnV6cWcyd1g4ZkVGU2NJUmRTbWFsaFVGdz09fA&cppv=2
Request Chain 374
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 375
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7394731546 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b34041a6-af38-4471-a315-26c52a34e8cb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
Request Chain 376
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=h5DgE261CqKl5rguCj6BZA
Request Chain 378
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cdeb25d2-bd1d-401c-8cb5-5c9394554111
Request Chain 381
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7394780251444984451&uid=Q7394780251444984451&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7394780251444984451
Request Chain 382
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82&gdpr=0&gdpr_consent=

383 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lele43kg.click/
Redirect Chain
  • http://lele43kg.click/
  • https://lele43kg.click/
282 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed / PHP/8.0.28
Resource Hash
204bf77a451069bca95e93cc29650ecd2c8fb484bfaf451205229ce3c8e8f655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 08 Jun 2023 02:33:37 GMT
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.0.28
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

content-length
707
content-type
text/html
date
Thu, 08 Jun 2023 02:33:37 GMT
keep-alive
timeout=5, max=100
location
https://lele43kg.click/
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
16225
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 Nov 2022 04:28:46 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
layout.983cb3d9b6baee5a78517d6ad3246133.css
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		156 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.983cb3d9b6baee5a78517d6ad3246133.css
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
b953c80f17a4dc7ec9c67b27ca0ca3615ff8257a53be8f7e613ff44c4400c1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
26458
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Jan 2023 10:32:10 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
theme-basic.b4fafa6ad47070c5ddeea8a90f19ad7f.css
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.b4fafa6ad47070c5ddeea8a90f19ad7f.css
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
1e290fe7d19052faf0432be002c9d80f4f91179f775cd4b629b892a24cc7ff58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
7497
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Jan 2023 10:32:26 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
css
lele43kg.click/ 		0
0
owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1090
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Jul 2022 08:08:00 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
tnt.comments.c281ededc640381d48e91e027585814d.css
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/styles/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/styles/tnt.comments.c281ededc640381d48e91e027585814d.css
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
78fabb8840d3fba5bd2a5bd16096e4d255e5da9267f3228efc263bdebf35c088
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
764
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Jul 2022 08:07:56 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
cc.js
lele43kg.click/c/16192/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/c/16192/cc.js?ns=_cc16192
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
f6f74b06566c19607020d524a5c684318b73c129b35ffaa6520657e5f60508da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
11037
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Feb 2023 07:21:50 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
access.js
lele43kg.click/shared-content/art/tncms/api/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/shared-content/art/tncms/api/access.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lele43kg.click/
Origin
https://lele43kg.click
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
31037
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Feb 2023 01:56:06 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
33385
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Jul 2021 07:09:22 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
user.js
lele43kg.click/shared-content/art/tncms/user/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/shared-content/art/tncms/user/user.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
3723
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Feb 2023 10:06:04 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
10567
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Sep 2019 01:16:02 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
11939
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 May 2022 06:54:22 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
tnt.7b592b309c8e5e5c3477385b84e8c66d.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.7b592b309c8e5e5c3477385b84e8c66d.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
50846800868a535c1d2befa0b84738e08ac7013dd5628b4a2be94308d2caa1f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
5453
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Jan 2023 10:27:44 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
application.ef1ae2cf9d9803199a19b009dc464018.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.ef1ae2cf9d9803199a19b009dc464018.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
ae6c4eb375a9a08f2c21183d6857943c7762e78c45c185670d4a5cc17fabfb57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1379
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 07:59:04 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
user-controls.578df3df79d812af55ab13bae47f9857.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		532 B
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
291
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Jul 2022 08:06:46 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
773
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jun 2022 00:40:10 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
gpt.js
lele43kg.click/tag/js/ 		77 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/tag/js/gpt.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
3e9715b85f0b04cb652384b7517f73d44325eab1568db300973ad8d0c4a2dc77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
25659
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 04:40:34 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
608
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 May 2022 02:14:28 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
2428
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Feb 2023 01:51:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		888 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
483
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Aug 2022 03:43:34 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tracking.js
lele43kg.click/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/shared-content/art/tncms/tracking.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1036
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Feb 2023 10:06:04 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
admanager.js
lele43kg.click/shared-content/art/tncms-ad-manager/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/shared-content/art/tncms-ad-manager/admanager.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
10993
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Sep 2022 07:38:00 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
impressions.js
lele43kg.click/lafourchegazette.com/content/tncms/ads/ 		94 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/ads/impressions.js?_dc=1677688515.temp
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
8ed2e086e93a77c75ac94831c50b30bbbb4e50e8d717e2cd710de13fe5f65f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 04:35:14 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
94
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:33:37 GMT
traffic.js
lele43kg.click/lafourchegazette.com/content/tncms/ads/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/ads/traffic.js?_dc=1677652514
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
98a6effe1c917b340d9ddf5d3163147fba125049c37540fdbac6a215e7752fc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
778
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Mar 2023 18:35:14 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
settings.js
lele43kg.click/lafourchegazette.com/content/tncms/ads/ 		2 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/ads/settings.js?_dc=1597994449
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
340dbe154a3afb491b29716329959822448f074f9b9ad6c18ffb571595d0d05c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
356
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Aug 2020 18:20:48 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1650
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Jul 2022 08:07:48 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tnt.followed.notifications.6600e99595fd219e961e9882c796e61c.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/tnt.followed.notifications.6600e99595fd219e961e9882c796e61c.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
7dbcdbf64f6d2c3d36a3f3292e6114271c70fe25ac55de8c3a32262a7b736e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1209
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Jul 2022 08:07:14 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
vendor.taboola.0f7d1c50406b868f466f9143671a50f4.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		904 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/vendor.taboola.0f7d1c50406b868f466f9143671a50f4.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
be657dcd95ee2e73fd5718b68961adccfa8de5d06b133fbf4c01b246517926b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
446
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Apr 2022 00:30:30 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tnt.comment.ab5fb87419367af823185ae92fe15663.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/tnt.comment.ab5fb87419367af823185ae92fe15663.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
f9186752fbc16321f99c98fb41db4058c9caf24529c0070d53d61f609e14dc2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
3079
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 May 2022 02:14:24 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
tnt.emoticons.2048520c3a5ad423f37d8d4ac8c790a9.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/tnt.emoticons.2048520c3a5ad423f37d8d4ac8c790a9.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
1bc728ed832fc895e2c5dc2e4cb961913ad05496eeed776d568370bb065e85f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
753
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Apr 2022 00:29:40 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		200 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Apr 2022 00:30:30 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
200
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:33:37 GMT
fontawesome.a7c71fa5a63ad1158170fb2c085be042.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		264 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.a7c71fa5a63ad1158170fb2c085be042.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
1ec681300bf92d8a2d7a67a0e7b2dd7651ec4b35e5dcc67f180a4bacd0ed6937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
95621
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 07:59:10 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tracker.js
lele43kg.click/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/shared-content/art/stats/common/tracker.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
2792
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 28 Jan 2023 03:03:16 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:37 GMT
da6549a2-4692-11ea-a45f-cfe6124e1279-7.png
lele43kg.click/lafourchegazette.com/content/tncms/custom/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-7.png
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
81278bdff5c4598f89e446eb0bbcce22f1c85e08e280b49359f7bd3a39d5c382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Feb 2020 02:38:32 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1681
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:33:38 GMT
e1935336-4692-11ea-a45f-b7fa6a4b0ba0-7.png
lele43kg.click/lafourchegazette.com/content/tncms/custom/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-7.png
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
81278bdff5c4598f89e446eb0bbcce22f1c85e08e280b49359f7bd3a39d5c382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Feb 2020 02:38:44 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1681
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:33:38 GMT
63ea99bcd2157.image.jpg
lele43kg.click/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/63ea99bcd2157.image.jpg?crop=602%2C681%2C448%2C25&resize=442%2C500&order=crop%2Cresize
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
e33ba01eb3d4a4ace3fa9b6ad36df6d661a14cb08f4c698d280988a2f15eec80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Feb 2023 08:12:44 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
40096
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:33:38 GMT
63ea99d37a1c1.image.jpg
lele43kg.click/lafourchegazette.com/content/tncms/assets/v3/editorial/c/a9/ca965092-abda-11ed-a1f8-8b8af48702e9/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/assets/v3/editorial/c/a9/ca965092-abda-11ed-a1f8-8b8af48702e9/63ea99d37a1c1.image.jpg?resize=375%2C500
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
0072b43322ff1b20e60f83cc458bd35dca304960b429f20b12c23125512cd964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Feb 2023 08:13:08 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
30658
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:33:38 GMT
asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		941 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
349
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Apr 2022 00:29:32 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tnt.ads.core.e7774288ce226361ffdb45b8dd559781.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.e7774288ce226361ffdb45b8dd559781.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
a58bae503e7c4ada63c97caf7738d9d1bc57e9ae5f034a4bc913a996e8ffe3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
3973
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 08:00:04 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
owl.carousel.50dc41fa734414148ce4b489fd904c5f.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
10297
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 07:59:32 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
928
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jun 2022 00:40:24 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		1 KB
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
312
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jun 2022 00:40:30 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		976 B
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
399
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jun 2022 00:40:26 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
maillist_signup.deacc71a82fe583ccc361b42498ff614.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/maillist_signup.deacc71a82fe583ccc361b42498ff614.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
1d13f3ca71d7f8936fa6132de0d7b79b479d0eb9615df43fde4f31b2d43c79fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1019
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Aug 2022 03:43:28 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
1360
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jun 2022 00:22:52 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:33:38 GMT
gtm.js
www.googletagmanager.com/ 		215 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5dc6a6b79d3645c92cfc3a4df1dd84f690789cc1f9cc962b12bcf8e95ce663d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74011
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jun 2023 02:33:38 GMT
/
lele43kg.click/_services/v1/client_ip_info/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/_services/v1/client_ip_info/
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
content-length
1238
x-xss-protection
1; mode=block
tracker.gif
www.lafourchegazette.com/shared-content/art/stats/common/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lafourchegazette.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=168619161823316001200501553640686&tnms_dt=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&tnms_upage=1&tnms_do=www.lafourchegazette.com&tnms_uri=/&tnms_ref=&rt=1686191618236
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-length
0
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
63ea99bcd2157.image.jpg
bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/63ea99bcd2157.image.jpg?crop=602%2C681%2C448%2C25&resize=602%2C681&order=crop%2Cresize
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
950af077abdad1f55b2bfc77b1722582c27f2edcc138dfe3873944cf9728574b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
44176
cf-polished
origSize=68584, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Feb 2023 20:12:45 GMT
server
cloudflare
x-vcache
MISS
etag
"6e16d7ee4e0025c2b8c4a5ac6d15eb2c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
7d3dbb2e8cc8a1da-YYZ
expires
Sat, 01 Jun 2024 16:29:59 GMT
4ac48cfa-3944-11ea-8dc7-2fc317482147.0919d290a37596a5c2f42b633e5883b6.png
lele43kg.click/lafourchegazette.com/content/tncms/avatars/4/ac/48c/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lele43kg.click/lafourchegazette.com/content/tncms/avatars/4/ac/48c/4ac48cfa-3944-11ea-8dc7-2fc317482147.0919d290a37596a5c2f42b633e5883b6.png?_dc=1582137200
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
4a2f372585257d556220c263221066e8860d0c60ec39b63796c60d426db29739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 06:33:20 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15685
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:33:38 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 08 Jun 2023 02:11:08 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1350
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 08 Jun 2023 04:11:08 GMT
gtm.js
www.googletagmanager.com/ 		166 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56bfafcbad2da56c8f60b685148c01e105d162974422f3b8f786c904f767fc16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60259
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jun 2023 02:33:38 GMT
gtm.js
www.googletagmanager.com/ 		178 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1288453b74d792fde94a653aa93a93f84674b8ff97f6d7e3e7d034af31b263e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63415
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jun 2023 02:33:38 GMT
var=tncms_aud
ad.crwdcntrl.net/5/c=9613/pe=y/ 		73 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=9613/pe=y/var=tncms_aud
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.57.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-57-151.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
021ad1922ab3b6e1d8da0ddb300425284daf76bab7c60e61451f42fb5fe3bc80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/javascript;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.35.84
content-length
73
expires
0
b1ad8512-0208-404a-8bef-42066664235a.js
d2na2p72vtqyok.cloudfront.net/client-embed/ 		121 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-52.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b90aee13b3fda7cc676346d54a9bb20fe498bbd5cbb473cd138349c2fb8dbb03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
itrysoV189nxirniOkRLNZx9d8e48mWJ
Content-Encoding
br
Via
1.1 876e92db01d9014c2ee242623ecd97ee.cloudfront.net (CloudFront)
Date
Thu, 08 Jun 2023 02:33:36 GMT
X-Amz-Cf-Pop
EWR53-C1
Age
3
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 08 Jun 2023 00:03:50 GMT
Server
AmazonS3
ETag
W/"f16960d5a79c9005ded8c4a4d36ab0c1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Vary
Accept-Encoding
X-Amz-Cf-Id
wLOMRytWfXY8yiqXe0PKTqtVAJzVP6scv5hqaNzL9yB-TBQb1D9ZNg==
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		104 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78750729dbbbdc0c9e92a1d6deb1a9e7c11a0e15672b297269ad96d71ad8cfad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
TjREG5pO6c7neKS4lyRZq2ILF.GPSb2y
content-encoding
br
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
date
Thu, 08 Jun 2023 02:33:38 GMT
x-amz-cf-pop
JFK51-C1
age
7
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 09 May 2023 20:11:50 GMT
server
AmazonS3
etag
W/"3f54773943d8aa47eb507df55eaa2a3a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
K-3hp438VMbQaVWE2QtT6uuCXnNJlMpGfM1wgwFbPaOucuSa4YP0WA==
js
www.googletagmanager.com/gtag/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34f0c219d32960724e908dff58ed6a86fbaac559bd9f254da60fc1534038b42b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81264
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Jun 2023 02:33:38 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://lele43kg.click
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
/
lele43kg.click/tncms/search/recommend/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=food%2Cgastronomy%2Crestaurant%20industry%2Cindustry%2Cthe%20economy%2Ctourism
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
content-length
1238
x-xss-protection
1; mode=block
/
www.lafourchegazette.com/tncms/search/mlt/ 		0
0
loader.js
cdn.taboola.com/libtrc/townnews-network/ 		533 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/townnews-network/loader.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/vendor.taboola.0f7d1c50406b868f466f9143671a50f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdcdaed54700a4653b9af6e3f0eab54737b5ff3b6297a3268ce0fc5160bad9a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
SdC8D.vh7uOiHsHPipUG8PFKDZCtOkNT
content-encoding
gzip
via
1.1 varnish
date
Thu, 08 Jun 2023 02:33:38 GMT
x-amz-request-id
BY7VEFPJBCPCGRYF
age
38
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
65880
x-amz-id-2
/ib1xHVHXAqvg/2cq9ULsNdDdfhQY3RtBEP+mKs8F8fzJdiTXfCmYXlTLL0GNGLfSRcbBqc3VcQ=
x-served-by
cache-yul12822-YUL
last-modified
Sun, 30 Apr 2023 13:51:24 GMT
server
AmazonS3
x-timer
S1686191619.532534,VS0,VE0
etag
"6290b7771c35efbefa6fd8cda72671c3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
pubads_impl_2023022301.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 12:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132695
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 09:36:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jun 2024 12:01:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		36 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lele43kg.click
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
809026af8b75ca999fca15c17fb95b36e4473ffbcc23bc271b722bdff6429f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
x-xss-protection
0
expires
Thu, 08 Jun 2023 02:33:38 GMT
dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/ 		381 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:9200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c10dc69b09f9cf0630591025126dba6d048d57c93eeaabe90af9ee8a5b612b30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
3VOQwlCj2R_GI9iCuSOYUr7584HpMXSC
content-encoding
br
via
1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
date
Wed, 07 Jun 2023 09:31:13 GMT
x-amz-cf-pop
EWR50-C1
age
61346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 06 Jun 2023 02:01:11 GMT
server
AmazonS3
etag
W/"fbb5aa77d7eb8d62b1ee27af534e6869"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
M1VzeBXHWAPMmDpao-i0mYF4YxDPUJT87B2tcBQ9ld4elzABEIgFmw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffec992edcab0f93b6219bc3ee424150a05579fba41bff0fa45920483e859844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25261
x-xss-protection
0
server
cafe
etag
603 / 19516 / m202306010101 / config-hash: 9074073763038175863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 02:33:38 GMT
dfc06b84-7d75-47a0-b19f-3c65ab9977b0-dmp.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/b1ad8512-0208-404a-8bef-42066664235a/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0-dmp.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:9200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e4676998b7c5e819cb1ab330518e8ec3b46b189f598d66b9a7f8591f871fec5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
BF661FGMYlhmZU0LZgRxOL0_xowFXfQ0
content-encoding
br
via
1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
date
Thu, 08 Jun 2023 02:33:02 GMT
x-amz-cf-pop
EWR50-C1
age
37
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 08 Jun 2023 00:03:33 GMT
server
AmazonS3
etag
W/"4ba6cb323705e233e9bd787486160ea9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
w8dspzb9qyIef8_DgLcR4_zl1I9zDW5B8kliMs0yi1AObTni8SJhBQ==
/
geoip.insticator.com/json/ 		230 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.238.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-238-35.compute-1.amazonaws.com
Software
/
Resource Hash
d7112c31b1f0ef0b5ea9e9eaf35a1dc4f70eb55c3f2a20a97f2bfccc4577c489

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:38 GMT
access-control-allow-credentials
true
x-database-date
Thu, 08 Jun 2023 02:05:26 GMT
content-length
230
vary
Origin
content-type
application/json
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.87.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-87-176.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lele43kg.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://lele43kg.click
access-control-max-age
3600
content-length
0
date
Thu, 08 Jun 2023 02:33:38 GMT
vary
Origin
config.js
cdn.confiant-integrations.net/FND-wi8wixUcNBzL8a3ry9ym8hc/gpt_and_prebid/ 		97 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/FND-wi8wixUcNBzL8a3ry9ym8hc/gpt_and_prebid/config.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fbba53d8e9be9aa93e5eea61067c3a3b227a1327cdf5b0a94ab109f11ed7f74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 23:51:11 GMT
server
cloudflare
x-amz-request-id
RD6FRGK1YGK5RPGY
age
119
etag
W/"633aa9ccbb0784f86eff7426b5d64c4b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7d3dbb2fdcfbecee-YUL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SEDHqafMERpkC98x3e9djaFoEM3+a6S7MFUyq2u3gSOEdnCAZG9t09Kctvz+pG1ojsTIpxbjF2uAiPCxQFPm+8jm0Iu+EoLGESG5YMHOhBU=
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.87.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-87-176.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:38 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
/
geoip.instiengage.com/json/ 		230 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.37.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-37-79.compute-1.amazonaws.com
Software
/
Resource Hash
d7112c31b1f0ef0b5ea9e9eaf35a1dc4f70eb55c3f2a20a97f2bfccc4577c489

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:38 GMT
access-control-allow-credentials
true
x-database-date
Wed, 07 Jun 2023 13:33:31 GMT
content-length
230
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 40F6 		75 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:3000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
95
cache-control
max-age=300
content-length
75
content-type
text/html
date
Thu, 08 Jun 2023 02:32:04 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Thu, 11 May 2023 11:38:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
x-amz-cf-id
qI4O5kmEKFxPPiarly0ha1uHamcOr_4gr_BLYzBbGGCGzRRVeVowRw==
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
x-amz-version-id
sdvig1qk6AHuXLU2Lr6rxmxwpeBBF1C.
x-cache
Hit from cloudfront
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
YuYoQpBFarPpw2CxRZbQUfespfEfBf9J
content-encoding
br
via
1.1 2370a7eb0d75907a0fd422bb3f42bcb6.cloudfront.net (CloudFront)
date
Thu, 08 Jun 2023 00:03:20 GMT
x-amz-cf-pop
JFK51-C1
age
9019
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 05 Jun 2023 15:03:19 GMT
server
AmazonS3
etag
W/"fca6ee85f752e2683415f90d79146a75"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
EamhfIsrq9xoB-wNZ1eRO2PGnSjhfDxyllRaMCKVdFgM8kyeS4IZ0A==
authIframe.js
auth.instiengage.com/auth/ Frame 40F6 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:3000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
.lK6ICx53soEeOpFisF5xs3WBNt5Sw79
content-encoding
br
via
1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
date
Thu, 08 Jun 2023 02:30:50 GMT
last-modified
Thu, 11 May 2023 11:38:01 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
169
x-amz-server-side-encryption
AES256
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
lw7EB79IBRjTSNY9svCsUSzbdh8mgXfrTy_B97D9VLYn5xvNA8QRDw==
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://lele43kg.click
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
impl.20230430-1-RELEASE.js
cdn.taboola.com/libtrc/ 		758 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/townnews-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f39759cc5d69473b0915c80d9044bee2cb142445fa479d9356151d8d1de5c77e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
kKohigZAi._w1wX3DUQHWXi7f.rGSwns
content-encoding
br
via
1.1 varnish
date
Thu, 08 Jun 2023 02:33:38 GMT
x-amz-request-id
8B73MB6FGZ2HFPK0
age
4905
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
161486
x-amz-id-2
u1fRWWChL48UTbHdJfWM9FME3z24KiH4V8b9f9H/MOJNXRuej4x+JRqp8ZqXxSOpbz8nebrMJPg=
x-served-by
cache-yul12822-YUL
last-modified
Mon, 01 May 2023 12:41:08 GMT
server
AmazonS3-br
x-timer
S1686191619.605126,VS0,VE0
etag
"9a72c88b3b607fa890a1f9fa20e1a04c"
vary
Accept-Encoding
content-type
application/javascript
abp
58
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/townnews-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-31.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 09:04:15 GMT
content-encoding
gzip
via
1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
77866
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
HhV4D_4Y4tzcGcvwVWlTuewc6Q0ZzclWETmn_EpCCP92L1DyetuyUA==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202305161109/ 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/FND-wi8wixUcNBzL8a3ry9ym8hc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2023 15:12:41 GMT
server
cloudflare
x-amz-request-id
FT4HVGQB7CCRFX0J
age
1937638
etag
W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7d3dbb305d91ecee-YUL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nO4SmJlCFWE3tYLd1eHTnRzftKXrxOvU4kwqYbbPBc9j7s8g5EWJxiHO9/oA0MLoZxzVGL5i6BU=
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_7.25.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lele43kg.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://lele43kg.click
access-control-max-age
86400
date
Thu, 08 Jun 2023 02:33:38 GMT
server
nginx
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lele43kg.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://lele43kg.click
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
7d3dbb31089754c7-YYZ
content-length
0
date
Thu, 08 Jun 2023 02:33:38 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c4c37d6d684e7f9bdfb31dee3a2b4fb4751dc72853eb07cd15b40a14c44d62f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:38 GMT
AN-X-Request-Uuid
53e0a1cc-8d11-4092-a0c4-a94a4683fb9d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://lele43kg.click
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
258
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		390 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1686191618650&to=0&aun=div-insticator-ad-1&pubcid=f4b2e235-ffc1-4f14-9a6a-a04c23359818&gpid=celebretainment.com-div-insticator-ad-1&maxw=300&maxh=250&si=18035&pi=3&bf=250x250%2C300x250&schain=1.0%2C1!insticator.com%2Cfafaff06-d46c-4dfe-8eaa-a2d1e0de5400%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.25.0%22%7D&ogu=https%3A%2F%2Fwww.lafourchegazette.com%2Fhuman_interest%2Fnew-restaurant-aiming-to-serve-fresh-homemade-louisiana-dishes%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&ns=10240
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.157.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-157-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7b7f6744eb4dcf93cec2b1af54ca5d323aff63debdd7658347fb3bda1d8a3939

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://lele43kg.click
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		390 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1686191618651&to=0&aun=div-insticator-ad-2&pubcid=f4b2e235-ffc1-4f14-9a6a-a04c23359818&gpid=celebretainment.com-div-insticator-ad-2&maxw=300&maxh=250&si=18036&pi=3&bf=250x250%2C300x250&schain=1.0%2C1!insticator.com%2Cfafaff06-d46c-4dfe-8eaa-a2d1e0de5400%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.25.0%22%7D&ogu=https%3A%2F%2Fwww.lafourchegazette.com%2Fhuman_interest%2Fnew-restaurant-aiming-to-serve-fresh-homemade-louisiana-dishes%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&ns=10240
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.157.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-157-20.compute-1.amazonaws.com
Software
nginx /
Resource Hash
36a03c3ab21c3c096082c44d25480c91ad9fd855bad5f5c4adddd2dccc51bfc4

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://lele43kg.click
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid
ap.lijit.com/rtb/ 		24 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0eaadfc669b484062ca55467ca1aa485df3c72219ad934de7527a22c451aefaa

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Jun 2023 02:33:38 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://lele43kg.click
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214e9a15615e71f%22%3A%22d6aaaecb47291ddb67b7%7C250x250%2C300x250%7Cgpid%3Dcelebretainment.com-div-insticator-ad-1%2Cc%3Dd%2C%22%2C%22150b256f40395b3%22%3A%22ac15c78d6644d5b36f2d%7C250x250%2C300x250%7Cgpid%3Dcelebretainment.com-div-insticator-ad-2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&s=8304ae00-dc3a-41d7-9496-612cdd5514a4&pv=dc454970-901a-4685-818a-1fd964f32d25&vp=desktop&lib_name=prebid&lib_v=7.25.0&us=50&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22fafaff06-d46c-4dfe-8eaa-a2d1e0de5400%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22f4b2e235-ffc1-4f14-9a6a-a04c23359818%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f4b2e235-ffc1-4f14-9a6a-a04c23359818%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
20dfd8b6a95f1092de51f9a49a25e8479f9c195139f6e13e82662d29e1a06455
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:38 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-128
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://lele43kg.click
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
817
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:22::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lele43kg.click
pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
hb
ssc.33across.com/api/v1/ 		139 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c0dc2c871a928d1a18c542ef13cd7fff3f0b828a5cc404da946dd8089171eec4

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://lele43kg.click
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c0dc2c871a928d1a18c542ef13cd7fff3f0b828a5cc404da946dd8089171eec4

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://lele43kg.click
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.25.0&cb=42147073712&lsavail=0
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://lele43kg.click
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
insticator
insticator.technoratimedia.com/openrtb/bids/ 		22 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_7.25.0
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
via
1.1 varnish
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://lele43kg.click
x-varnish
141345145
access-control-allow-credentials
true
content-length
48
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=579236
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8325813949d5a4fd51a951ca687aafa685fc85319f59cd0e60f64e08fe92d2d9

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FElh8Oc8EU4FfOcphEfnZCiPBZ%2BgW%2FO8BlXsCmvWpNPrCFKCPwhCrvK%2BoyA7r9BvV94J1S9Jlehl9mnD86rVXcAXaIyJQ1DKgNvmGHXsDMuhofs%2FUhfyTBpE44mMG6j703Pq%2FIp3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://lele43kg.click
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d3dbb30fb83a1e4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		440 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771356%3B771358&size_id=15&alt_size_ids=14&rp_schain=1.0,1!insticator.com,fafaff06-d46c-4dfe-8eaa-a2d1e0de5400,1,,,&eid_pubcid.org=f4b2e235-ffc1-4f14-9a6a-a04c23359818%5E1&rf=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&tg_i.pbadslot=celebretainment.com-div-insticator-ad-1%3Bcelebretainment.com-div-insticator-ad-2&tk_flint=pbjs_lite_v7.25.0&x_source.tid=85e7d3f0-6401-473a-98e2-33a85ba40b84%3B5762a8ee-e906-4c14-aba6-8dcec6715dec&l_pb_bid_id=32db98929329e3%3B337f75cce40891&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=celebretainment.com-div-insticator-ad-1%3Bcelebretainment.com-div-insticator-ad-2&slots=2&rand=0.492707635739394
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::115 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6eb8cf34b6e4c8876fa30618db7aa8526fcf71fb32e9aa4c8b11b6fa4590e811

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://lele43kg.click
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
ex.ingage.tech/v1/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:38 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d3dbb31ec56548b-YYZ
vary
Origin
arj
insticator-d.openx.net/w/1.0/ 		172 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=85e7d3f0-6401-473a-98e2-33a85ba40b84%2C5762a8ee-e906-4c14-aba6-8dcec6715dec&nocache=1686191618673&pubcid=f4b2e235-ffc1-4f14-9a6a-a04c23359818&schain=1.0%2C1!insticator.com%2Cfafaff06-d46c-4dfe-8eaa-a2d1e0de5400%2C1%2C3429988b1aeb0e%2C%2C&aus=250x250%2C300x250%7C250x250%2C300x250&divids=div-insticator-ad-1%2Cdiv-insticator-ad-2&aucs=celebretainment.com-div-insticator-ad-1%2Ccelebretainment.com-div-insticator-ad-2&auid=540835823%2C540835823
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
64e900c15a3f1379ac447e0b44de7c7fd0ed64d744492bd9402595c4efc322a1

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://lele43kg.click
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		49 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
9ca706b5df9c2fa5c96c5dcdb8ec0481c63546901febf89a623e2f5f3fda3e73

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lele43kg.click
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
287
content-length
21135
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-54716522-7&cid=721314313.1686191619&jid=705650660&gjid=997145676&_gid=897224393.1686191619&_u=YGBAgUABAAQCAEAAI~&z=215082299
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 08 Jun 2023 02:33:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lele43kg.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=925427095&t=pageview&_s=1&dl=https%3A%2F%2Flele43kg.click%2F&dp=%2Fhuman_interest%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&ul=en-us&de=UTF-8&dt=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAUABAAQCAGAAIAB~&jid=1296765058&gjid=313425854&cid=721314313.1686191619&tid=UA-158134568-1&_gid=897224393.1686191619&_r=1&_slc=1&gtm=45He3650n71PDQV3N&z=1800487956
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lele43kg.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=925427095&t=pageview&_s=1&dl=https%3A%2F%2Flele43kg.click%2F&dp=%2Fhuman_interest%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&ul=en-us&de=UTF-8&dt=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQCAAAAI~&jid=705650660&gjid=997145676&cid=721314313.1686191619&tid=UA-54716522-7&_gid=897224393.1686191619&gtm=45He3650n71PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=article_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&cd15=3.155.0&cd16=false&cd17=Page%20View&cm1=331&z=178214232
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 05:27:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75957
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0-dmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.87.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-87-176.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:38 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.87.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-87-176.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lele43kg.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://lele43kg.click
access-control-max-age
3600
content-length
0
date
Thu, 08 Jun 2023 02:33:38 GMT
vary
Origin
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
792816
expires
60
json
trc.taboola.com/townnews-lele43kgclick/trc/3/ 		31 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/townnews-lele43kgclick/trc/3/json?tim=02%3A33%3A38.903&lti=deflated&data=%7B%22id%22%3A680%2C%22ii%22%3A%22%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1682862680297%2C%22vi%22%3A1686191618901%2C%22cv%22%3A%2220230430-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Flele43kg.click%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6110%2C%22nsid%22%3A%22townnews-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dtownnews-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5329.046875%2C%22mw%22%3A750%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Dtownnews-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
23
date
Thu, 08 Jun 2023 02:33:38 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-yul12822-YUL
server
nginx
x-timer
S1686191619.920581,VS0,VE23
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://lele43kg.click
content-type
text/plain;charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
integrator.js
adservice.google.com.kh/adsid/ 		107 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.kh/adsid/integrator.js?domain=lele43kg.click
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lele43kg.click
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=431288864456842&correlator=3709721363961788&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&iu_parts=132916964%3A22674670719%2Clafourchegazette.com%2Chuman_interest&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=2x1%2C1170x90%7C970x90%7C728x90%7C970x250%2C300x250%7C300x600%2C1170x90%7C970x90%7C728x90&ifi=1&adks=2234909692%2C435006748%2C3190115628%2C2449446321&sfv=1-0-40&prev_scp=pos%3Dimpact-top%7Cpos%3Dleaderboard-one%7Cpos%3Drectangle-one%7Cpos%3Dsticky-anchor&eri=1&cust_params=browser%3DChrome%26asset_id%3Daa313dd6-abd9-11ed-b21d-275b1b45dd17%26k%3Dfood%252Cgastronomy%252Crestaurant%2520industry%252Cindustry%252Cthe%2520economy%252Ctourism%26page%3Dasset%252Carticle%252Capp-editorial&sc=1&cookie_enabled=1&abxe=1&dt=1686191618961&lmt=1686191618&dlt=1686191617815&idt=1003&adxs=799%2C230%2C1010%2C215&adys=0%2C252%2C612%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flele43kg.click%2F&frm=20&vis=1&psz=1600x1%7C1140x90%7C360x250%7C1600x-1&msz=1600x1%7C1170x90%7C360x250%7C1600x-1&fws=4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600&ga_vid=721314313.1686191619&ga_sid=1686191619&ga_hid=925427095&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e43f413b6d81d7747e0bdada6b894dbfdea6310a2fdcc5b7c18e389a6ccab8c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
710
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lele43kg.click
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D69D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 02:33:39 GMT
expires
Fri, 07 Jun 2024 02:33:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ajs-destination.bundle.a1b5627f72b6c90f2baa.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.a1b5627f72b6c90f2baa.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 13:02:16 GMT
x-amz-version-id
nog3Y.tiFf03vq0CZJGGOqdjlUDsQMqM
content-encoding
br
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
4195883
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 20 Apr 2023 12:05:42 GMT
server
AmazonS3
etag
W/"dba2c033bf5f6f351c330af3a7fde619"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
DQOVAK1m31oOgJjiKMy_G6P0iQFYPi8N3Zw1BtLJ_0KMZkvmVFS0dg==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686191618991&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flele43kg.click%2F&c8=New%20restaurant%20aiming%20to%20serve%2...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686191618991&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flele43kg.click%2F&c8=New%20restaurant%20aiming%20to%20serve%...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686191618991&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flele43kg.click%2F&c8=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&c9=
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Server
13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-31.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
via
1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
EKSEYfA53-d8toNtsBYNGG0HuOtQBEgI-U-OeBf17IpOPSSNfGY00Q==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 08 Jun 2023 02:33:39 GMT
via
1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
location
/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686191618991&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Flele43kg.click%2F&c8=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&c9=
content-length
0
x-amz-cf-id
1ueKaZP1acK0_TbYqrgH0-ugFDCdk4MLDVYNHEoxHUb0tuXy7GEnKg==
collect
stats.g.doubleclick.net/j/ 		4 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-158134568-1&cid=721314313.1686191619&jid=1296765058&gjid=313425854&_gid=897224393.1686191619&_u=YGDAAUABAAQCAGAAIAB~&z=843835355
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 08 Jun 2023 02:33:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lele43kg.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
debug
trc-events.taboola.com/townnews-lele43kgclick/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/townnews-lele43kgclick/log/2/debug?tim=02%3A33%3A39.039&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=247&cv=20230430-1-RELEASE&lt=deflated&pct=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21898
debug
trc-events.taboola.com/townnews-lele43kgclick/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/townnews-lele43kgclick/log/2/debug?tim=02%3A33%3A39.041&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=7725&cv=20230430-1-RELEASE&lt=deflated&pct=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21898
debug
trc-events.taboola.com/townnews-lele43kgclick/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/townnews-lele43kgclick/log/2/debug?tim=02%3A33%3A39.041&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=9771&cv=20230430-1-RELEASE&lt=deflated&pct=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21898
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 03:08:12 GMT
x-amz-version-id
iLkC7O73vxk5ltDyL9JJ.pfF3.MWhYi_
content-encoding
br
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
4404328
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 18 Apr 2023 00:08:15 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
nq6bxweaSwXXsdEbOxbY4oWEbzm-yZQJDYvC6gSxaU-qT4HqFgwiPg==
c.js
assets.a-mo.net/js/ Frame BA70 		0
0
c.js
assets.a-mo.net/js/ Frame D499 		0
0
g_pbwin
1x1.a-mo.net/hbx/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=300&h=250&bid=44b937775eadae5&C=0&np=0.008552481544408881&a=div-insticator-ad-1&ts=1686191619078&eid=464bc5076fc74cd
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
pixel
protected-by.clarium.io/ Frame BA70 		0
0
g_pbwin
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=300&h=250&bid=454511a85e7b89f&C=0&np=0.00940772969884977&a=div-insticator-ad-2&ts=1686191619123&eid=473685f870a2a07
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
pixel
protected-by.clarium.io/ Frame D499 		0
0
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-158134568-1&cid=721314313.1686191619&jid=1296765058&_u=YGDAAUABAAQCAGAAIAB~&z=1919192740
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-158134568-1&cid=721314313.1686191619&jid=1296765058&_u=YGDAAUABAAQCAGAAIAB~&z=1919192740
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.js
assets.a-mo.net/js/ Frame ED3B 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/c.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b2428c2d1e0b1b8a92e5189f0306451a73a881a74a8abc0789420530f68252

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
via
1.1 21c66eb5f493a6e3ddbaa803cebfe014.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
30
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 May 2023 02:28:36 GMT
server
cloudflare
etag
W/"8dab73a8a72c266203f0cb7b26d1a853"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7d3dbb34093e7148-YUL
x-amz-cf-id
ujsfQ0lDCIBAzrQQIvgmtie0DbmaZKrDU-2wIGfTLGcyDjsgLdOL2w==
expires
Thu, 08 Jun 2023 03:33:39 GMT
c.js
assets.a-mo.net/js/ Frame 3099 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/c.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b2428c2d1e0b1b8a92e5189f0306451a73a881a74a8abc0789420530f68252

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
via
1.1 21c66eb5f493a6e3ddbaa803cebfe014.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
30
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 May 2023 02:28:36 GMT
server
cloudflare
etag
W/"8dab73a8a72c266203f0cb7b26d1a853"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7d3dbb3449bc7148-YUL
x-amz-cf-id
ujsfQ0lDCIBAzrQQIvgmtie0DbmaZKrDU-2wIGfTLGcyDjsgLdOL2w==
expires
Thu, 08 Jun 2023 03:33:39 GMT
g_pbwin
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=300&h=250&bid=44b937775eadae5&C=0&np=0.008552481544408881&a=div-insticator-ad-1&ts=1686191619181&eid=485dcee4411c4be
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
pixel
protected-by.clarium.io/ Frame ED3B 		68 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Rk5ELXdpOHdpeFVjTkJ6TDhhM3J5OXltOGhjL2FteDozMDB4MjUw&v=5&s=v31h2cdkf48&id=eyJwcmViaWQiOnsiYWRJZCI6IjQ0YjkzNzc3NWVhZGFlNSIsImNwbSI6MC4wMDg1NTI0ODE1NDQ0MDg4ODEsInMiOiJkaXYtaW5zdGljYXRvci1hZC0xIiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjphbXg7NDE0NDU5MjQ5IiwiYWRvbWFpbiI6InlhaG9vLmNvbSJ9&cb=6082966&h=lele43kg.click&d=eyJ3aCI6IlJrNUVMWGRwT0hkcGVGVmpUa0o2VERoaE0zSjVPWGx0T0doakwyRnRlRG96TURCNE1qVXciLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJhbXgiXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.136.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-136-31.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
g_pbwin
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=300&h=250&bid=454511a85e7b89f&C=0&np=0.00940772969884977&a=div-insticator-ad-2&ts=1686191619219&eid=4960c5e0171d932
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
pixel
protected-by.clarium.io/ Frame 3099 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Rk5ELXdpOHdpeFVjTkJ6TDhhM3J5OXltOGhjL2FteDozMDB4MjUw&v=5&s=v31h2cdkf5a&id=eyJwcmViaWQiOnsiYWRJZCI6IjQ1NDUxMWE4NWU3Yjg5ZiIsImNwbSI6MC4wMDk0MDc3Mjk2OTg4NDk3NywicyI6ImRpdi1pbnN0aWNhdG9yLWFkLTIiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmFteDs0MTQ0NTkyNDkiLCJhZG9tYWluIjoieWFob28uY29tIn0%3D&cb=5898736&h=lele43kg.click&d=eyJ3aCI6IlJrNUVMWGRwT0hkcGVGVmpUa0o2VERoaE0zSjVPWGx0T0doakwyRnRlRG96TURCNE1qVXciLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJhbXgiXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.136.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-136-31.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
nmedianet.js
contextual.media.net/ Frame ED3B 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU47NEFE&ydspr=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
638e234fa91962ce4b2c572532e7dcd5e9a5db3e36eb0587ba2cf1fb306e787d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-mnt-h
21-gzkn
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 08 Jun 2023 02:33:39 GMT
server
Apache
etag
"a19e2a322afd82ea72503e1b567ba211"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
content-length
37665
expires
Thu, 08 Jun 2023 02:38:39 GMT
log
qsearch-a.akamaihd.net/ Frame ED3B 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=prod&bdr_typ=1&ss_d1=0&ogerpm=0.0300&ss_d2=0&stid=20341134&content_context=-1&content_channel=&other_prv=294&jar_err=&current_day=4.0&adtyp=0&req_id=5610289884105840435&bd_m3=0.0000&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=1.5313&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=32&floor_bucket=0.00&gpid_format=DEFAULT&seat=BID_API&rc=-1&size=300x250&url_l1=article_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&f_seg=&prdp=0.0204&ogcbdp=0.0300&dfpbd=0.0204&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202306070212_generic_others_1-cid_0&viewability=0.0300&dmm_r=0.0000&cut=32&dmm_l=0.0000&as_cache=1&tcyerpm=&content_language=&sc=QC&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.05&ugd_ver=&requrl=lele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html%2F&bidrestime=1686191618853&cc=CA&strg=harmony&ss=&video_maxdur=-1&current_hour=2&time_stamp=2023-06-08+02%3A33%3A38&content_network=&model_key=generic_others_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.0300&ct=Montr%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BDal&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=16276&bdp_bucket=0.05&algo=unison18&dc=west_or&splid=20341134&erpm_mult=1.000000&dn=lele43kg.click&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=4ac32c9176fa4395b13894726a6327a8&zone=b&infl=&o_ver=NT+10.0&br_ver=114.0.5735.106&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.4.2&totalTimeBucket=3&visibility=1&totalTime=3780750&dmm_m1=2023-06-08+02%3A33%3A38.854679959&e_rpm=0.0000&dmm_m22=0.0300&gdpr=&vsid=&log_less=true&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CUH868Z4&bcrid=414459249&rawbid=0.0300&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-66c67fcb65-ncrjl.OR&dfp_bucket=0.0&adblk=&itype=appnexus_experiment&pvid_seat=294_BID_API&vcmplrt=-1.0&video_mindur=-1&cliIP=2503514552&advurl=search.yahoo.com%2F&level_base=0&crid=341475548&sat=1&br_id=265&cut_bkt=30&gpid=20341134&iwb=1&second_bid=0.000000&sc_pvid=294&capd=0&other_bids=0.03
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Server-Timing
ak_p; desc="1686191619344_1752544791_12292065_22_610_17_22_-";dur=1
Content-Length
35
Expires
Thu, 08 Jun 2023 02:33:39 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame ED3B 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 08 Jun 2023 02:33:39 GMT
x-guploader-uploadid
ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
server-timing
ak_p; desc="1686191619331_388820429_35124742_33_663_17_22_219";dur=1
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 08 Jun 2023 03:33:39 GMT
it
lax1-ib.adnxs.com/ Frame ED3B 		0
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&e=wqT_3QKWBfBMlgIAAAMA1gAFAQiC_ISkBhC2vvu5_tTisE8Y_NXQ0oWFsLdCKjYJexSuR-F6lD8RLhwIyQImkD8ZAAAA4FG4AEAhLhwIyQImkD8pexQJJNgxAAAAQDMzwz8wjsPZCTiKXEDqXEjgA1DxytDFAVjh94cBYABo-JKfAXic8AWAAQGKAQNVU0SSBQb0qAGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACuslZ6gJIaHR0cHM6Ly9sZWxlNDNrZy5jbGljay9hcnRpY2xlX2FhMzEzZGQ2LWFiZDktMTFlZC1iMjFkLTI3NWIxYjQ1ZGQxNy5odG1sgAMAiAMBkAMAmAMUoAMBqgNBEhg1NjEwMjg5ODg0MTA1ODQwNDM1X3NiaWQaEzU3MjAwMDU0NTU0ODEwNjkzNjYiCTQxNDQ1OTI0OSoFTTExNzPAA6wCyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQOMTQ5LjU2LjE1My4xODSoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE8crQxQH6BBIJAAAAoCHBRkARAAAAoJ5lUsCIBQGYBQCgBbOu4ujMnfDtTaoFEFdTTTNDMlM1MjNXVk83WVnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWbAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab54wLaBhYKEAUzHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAec8AXSBw0JESkBJgzaBwYIBQlo4AcA6gcCCADwB5GACIoIAhAAlQgAAIA_mAgB&s=69fee845cbaee25858c5140da050c3aa4d2a3732&pp=
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
de82e64b-8428-451d-8dd1-f55a8bf13004
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/233/ Frame ED3B 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/233/trk.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires
Wed, 22 May 2024 13:37:49 GMT
Date
Thu, 08 Jun 2023 02:33:39 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1342550
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21923-LGA, cache-yul12821-YUL
Last-Modified
Tue, 23 May 2023 13:36:07 GMT
Server
AkamaiNetStorage
X-Timer
S1686191619.335361,VS0,VE0
ETag
"9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
29, 223429
himp
1x1.a-mo.net/hbx/ Frame ED3B 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CvECIglvcmR2ZjV4dHExcVZDpPaDgT86BW1vbmV0QhNkaXYtaW5zdGljYXRvci1hZC0xSg5sZWxlNDNrZy5jbGlja1ILYWFzLWU2NzZhODlaCHBiYTEuMy4yag5sZWxlNDNrZy5jbGlja3gBigEIOTFjNTI2ZTCgAfoBqAGsAsAB-NoEyAEA6AEA8gEPNzcyNDE0Mzc5MDc2NzM0-gEGNy4yNS4wmAJVqQIAAAAAAAAAALICCXlhaG9vLmNvbegCAYgDgvyEpAaiAxNhVzV6ZEdsallYUnZjaTVqYjIwqAMq4AOAP-oDJGMxMmZhN2IwLWEwZGQtNDk3NS1iNzQ3LWZmOTUxODhiODZhNKoEA0RDSIoFDzQxNzExOTM2ZWI3NjU3ZrIFA1VTRNIFCTEwNTE5OTM4ONgFAOAFAOoFB2Rlc2t0b3DyBQ0ySDNMSEM5UEw3VDM0-gUEZGMxM6oHA3dlYsoHDmxlbGU0M2tnLmNsaWNr&M=13&cn3=0&c4=native_dom&C=no_res&m=x%3A0&e=&sw=300&sh=450&rr=no_res&rw=300&rh=450&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame ED3B 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=Cu4DIgpfb3JkdmY1eHRxMS4cCMkCJpA_OghhcHBuZXh1c0ITZGl2LWluc3RpY2F0b3ItYWQtMUoObGVsZTQza2cuY2xpY2tSC2Fhcy1lNjc2YTg5WghwYmExLjMuMmoObGVsZTQza2cuY2xpY2t4AYoBCDkxYzUyNmUwkgECMTCgAfoBqAGsAsAB-toEyAEA0AH___________8B6AEA8gEPNzcyNDE0Mzc5MDc2NzM0-gEGNy4yNS4wkQJxVkOk9oOBP5gCnQGpAgAAAAAAAAAAsgIJeWFob28uY29tugIJNDE0NDU5MjQ5wgIFMTE4ODLaAggyMDM0MTEzNOgCAfECAAAAAAAAAAD5AgAAAAAAAAAAiAOC_ISkBqIDE2FXNXpkR2xqWVhSdmNpNWpiMjCoAyrKAwUxMTg4MuADgD_qAyRjMTJmYTdiMC1hMGRkLTQ5NzUtYjc0Ny1mZjk1MTg4Yjg2YTSqBANEQ0iCBRM2MjAzNTQwNjI4MjIzODQyODI2igUPNDE3MTE5MzZlYjc2NTdmsgUDVVNEwgUDNDgwygUDMTU10gUJMTA1MTk5Mzg42AUA4AUA6gUHZGVza3RvcPIFDTJIM0xIQzlQTDdUMzT6BQRkYzEzqgcDd2ViygcObGVsZTQza2cuY2xpY2s&M=13&cn3=0&c4=native_dom&C=no_res&m=x%3A0&e=&sw=300&sh=450&rr=no_res&rw=300&rh=450&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
inde
1x1.a-mo.net/hbx/ Frame ED3B 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/inde?aid=bGVsZTQza2cuY2xpY2s&b=lele43kg.click&M=13&v=pba0.0-aa2.14.0-0660ed9-1&cv=c.js&lng=en-US&_e=Cu4DIgpfb3JkdmY1eHRxMS4cCMkCJpA_OghhcHBuZXh1c0ITZGl2LWluc3RpY2F0b3ItYWQtMUoObGVsZTQza2cuY2xpY2tSC2Fhcy1lNjc2YTg5WghwYmExLjMuMmoObGVsZTQza2cuY2xpY2t4AYoBCDkxYzUyNmUwkgECMTCgAfoBqAGsAsAB-toEyAEA0AH___________8B6AEA8gEPNzcyNDE0Mzc5MDc2NzM0-gEGNy4yNS4wkQJxVkOk9oOBP5gCnQGpAgAAAAAAAAAAsgIJeWFob28uY29tugIJNDE0NDU5MjQ5wgIFMTE4ODLaAggyMDM0MTEzNOgCAfECAAAAAAAAAAD5AgAAAAAAAAAAiAOC_ISkBqIDE2FXNXpkR2xqWVhSdmNpNWpiMjCoAyrKAwUxMTg4MuADgD_qAyRjMTJmYTdiMC1hMGRkLTQ5NzUtYjc0Ny1mZjk1MTg4Yjg2YTSqBANEQ0iCBRM2MjAzNTQwNjI4MjIzODQyODI2igUPNDE3MTE5MzZlYjc2NTdmsgUDVVNEwgUDNDgwygUDMTU10gUJMTA1MTk5Mzg42AUA4AUA6gUHZGVza3RvcPIFDTJIM0xIQzlQTDdUMzT6BQRkYzEzqgcDd2ViygcObGVsZTQza2cuY2xpY2s&r=1&C=no_res&m=x%3A0&e=&sw=300&sh=450&rr=no_res&rw=300&rh=450&rer=&dr=0&eid=6aikqggw6d1uyztpyg&ts=1686191619289
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
nmedianet.js
contextual.media.net/ Frame 3099 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU47NEFE&ydspr=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9230094429608220b66e334835c903920237aac9c0655230ab2c13f87eaff53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-mnt-h
21-gzkn
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 08 Jun 2023 02:33:39 GMT
server
Apache
etag
"a19e2a322afd82ea72503e1b567ba211"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
content-length
37665
expires
Thu, 08 Jun 2023 02:38:39 GMT
log
qsearch-a.akamaihd.net/ Frame 3099 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=prod&bdr_typ=1&ss_d1=0&ogerpm=0.0300&ss_d2=0&stid=20341134&content_context=-1&content_channel=&other_prv=294&jar_err=&current_day=4.0&adtyp=0&req_id=645016673232256730&bd_m3=0.0000&bidfp=0.0130&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=1.6393&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=28&floor_bucket=0.00&gpid_format=DEFAULT&seat=BID_API&rc=-1&size=300x250&url_l1=article_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&f_seg=&prdp=0.0216&ogcbdp=0.0300&dfpbd=0.0216&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202306070212_generic_others_1-cid_0&viewability=0.0300&dmm_r=0.0000&cut=28&dmm_l=0.0000&as_cache=1&tcyerpm=&content_language=&sc=QC&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.05&ugd_ver=&requrl=lele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html%2F&bidrestime=1686191618896&cc=CA&strg=harmony&ss=&video_maxdur=-1&current_hour=2&time_stamp=2023-06-08+02%3A33%3A38&content_network=&model_key=generic_others_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.0300&ct=Montr%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BDal&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=16276&bdp_bucket=0.05&algo=default&dc=west_or&splid=20341134&erpm_mult=1.000000&dn=lele43kg.click&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=3ba801154c8843b5bbdada0aa5fed2ed&zone=b&infl=&o_ver=NT+10.0&br_ver=114.0.5735.106&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.4.2&totalTimeBucket=1&visibility=1&totalTime=1942680&dmm_m1=2023-06-08+02%3A33%3A38.898051532&e_rpm=0.0000&dmm_m22=0.0300&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CUH868Z4&bcrid=414459249&rawbid=0.0300&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-66c67fcb65-j6fhx.OR&dfp_bucket=0.0&adblk=&itype=appnexus_experiment&pvid_seat=294_BID_API&vcmplrt=-1.0&video_mindur=-1&cliIP=2503514552&advurl=search.yahoo.com%2F&level_base=0&crid=341475548&sat=1&br_id=265&cut_bkt=30&gpid=20341134&iwb=1&second_bid=0.000000&sc_pvid=294&capd=0&other_bids=0.03
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Server-Timing
ak_p; desc="1686191619385_1752544791_12292067_12_693_16_0_-";dur=1
Content-Length
35
Expires
Thu, 08 Jun 2023 02:33:39 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 3099 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 08 Jun 2023 02:33:39 GMT
x-guploader-uploadid
ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
server-timing
ak_p; desc="1686191619361_388820429_35124754_22_513_17_0_219";dur=1
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 08 Jun 2023 03:33:39 GMT
it
lax1-ib.adnxs.com/ Frame 3099 		0
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&e=wqT_3QKVBfBMlQIAAAMA1gAFAQiC_ISkBhDxy7nWh7XRiVEYvv7VsrX24clWKjYJukkMAiuHlj8R_x68dmnDkT8ZAAAA4FG4AEAh_x68dmnDkT8pukkJJNgxAAAAQDMzwz8wjsPZCTiKXEDqXEjgA1DxytDFAVjh94cBYABo-JKfAXim5gOAAQGKAQNVU0SSBQb0qAGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACuslZ6gJIaHR0cHM6Ly9sZWxlNDNrZy5jbGljay9hcnRpY2xlX2FhMzEzZGQ2LWFiZDktMTFlZC1iMjFkLTI3NWIxYjQ1ZGQxNy5odG1sgAMAiAMBkAMAmAMUoAMBqgNAEhc2NDUwMTY2NzMyMzIyNTY3MzBfc2JpZBoTNTg0MjA4OTczMTU0NjgzNDQxNyIJNDE0NDU5MjQ5KgVNMTE3M8ADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ATxytDFAfoEEgkAAACgIcFGQBEAAACgnmVSwIgFAZgFAKAF2v3ZkfPn4_kIqgUQRTdaRFFTQzJVT05LS1NGR8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZsB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvnjAtoGFgoQAAEzHQEBsmDgBgHyBgIIAIAHAYgHAKAHAcgHpuYD0gcNAaoFAQEmDNoHBggFCWjgBwDqBwIIAPAHkYAIiggCEACVCAAAgD-YCAE.&s=a518c45f45a88b55f67f2622eebc53430e5b43af&pp=
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
d254e13f-4bbd-4b07-8954-10abf77b9ab2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/233/ Frame 3099 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/233/trk.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires
Wed, 22 May 2024 13:37:49 GMT
Date
Thu, 08 Jun 2023 02:33:39 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1342550
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21923-LGA, cache-yul12821-YUL
Last-Modified
Tue, 23 May 2023 13:36:07 GMT
Server
AkamaiNetStorage
X-Timer
S1686191619.358003,VS0,VE0
ETag
"9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
29, 223430
himp
1x1.a-mo.net/hbx/ Frame 3099 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CvECIglvcmR2ZjV4dHExFt8WG1xEgz86BW1vbmV0QhNkaXYtaW5zdGljYXRvci1hZC0ySg5sZWxlNDNrZy5jbGlja1ILYWFzLWU2NzZhODlaCHBiYTEuMy4yag5sZWxlNDNrZy5jbGlja3gBigEIOTFjNTI2ZTCgAfoBqAGsAsAB-NoEyAEA6AEA8gEPMzU3MDQwNzY0MzY4MjEw-gEGNy4yNS4wmAJeqQIAAAAAAAAAALICCXlhaG9vLmNvbegCAYgDgvyEpAaiAxNhVzV6ZEdsallYUnZjaTVqYjIwqAMq4AOAP-oDJGMxMmZhN2IwLWEwZGQtNDk3NS1iNzQ3LWZmOTUxODhiODZhNKoEA0RDSIoFDzQyODRjNGQwNTczMjc5OLIFA1VTRNIFCTEwNTE5OTM4ONgFAOAFAOoFB2Rlc2t0b3DyBQ0ySDNMSEM5UEw3VDM0-gUEZGMxM6oHA3dlYsoHDmxlbGU0M2tnLmNsaWNr&M=13&cn3=0&c4=native_dom&C=no_res&m=a%3A0&e=&sw=300&sh=450&rr=no_res&rw=300&rh=450&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 3099 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=Cu4DIgpfb3JkdmY1eHRxMQAfvHZpw5E_OghhcHBuZXh1c0ITZGl2LWluc3RpY2F0b3ItYWQtMkoObGVsZTQza2cuY2xpY2tSC2Fhcy1lNjc2YTg5WghwYmExLjMuMmoObGVsZTQza2cuY2xpY2t4AYoBCDkxYzUyNmUwkgECMTCgAfoBqAGsAsAB-toEyAEA0AH___________8B6AEA8gEPMzU3MDQwNzY0MzY4MjEw-gEGNy4yNS4wkQIW3xYbXESDP5gCrQGpAgAAAAAAAAAAsgIJeWFob28uY29tugIJNDE0NDU5MjQ5wgIFMTE4ODLaAggyMDM0MTEzNOgCAfECAAAAAAAAAAD5AgAAAAAAAAAAiAOC_ISkBqIDE2FXNXpkR2xqWVhSdmNpNWpiMjCoAyrKAwUxMTg4MuADgD_qAyRjMTJmYTdiMC1hMGRkLTQ5NzUtYjc0Ny1mZjk1MTg4Yjg2YTSqBANEQ0iCBRM0Mzk3Nzk0NDEyMDc5MTkyMjMyigUPNDI4NGM0ZDA1NzMyNzk4sgUDVVNEwgUDNDgwygUDMTU10gUJMTA1MTk5Mzg42AUA4AUA6gUHZGVza3RvcPIFDTJIM0xIQzlQTDdUMzT6BQRkYzEzqgcDd2ViygcObGVsZTQza2cuY2xpY2s&M=13&cn3=0&c4=native_dom&C=no_res&m=a%3A0&e=&sw=300&sh=450&rr=no_res&rw=300&rh=450&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
inde
1x1.a-mo.net/hbx/ Frame 3099 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/inde?aid=bGVsZTQza2cuY2xpY2s&b=lele43kg.click&M=13&v=pba0.0-aa2.14.0-0660ed9-0&cv=c.js&lng=en-US&_e=Cu4DIgpfb3JkdmY1eHRxMQAfvHZpw5E_OghhcHBuZXh1c0ITZGl2LWluc3RpY2F0b3ItYWQtMkoObGVsZTQza2cuY2xpY2tSC2Fhcy1lNjc2YTg5WghwYmExLjMuMmoObGVsZTQza2cuY2xpY2t4AYoBCDkxYzUyNmUwkgECMTCgAfoBqAGsAsAB-toEyAEA0AH___________8B6AEA8gEPMzU3MDQwNzY0MzY4MjEw-gEGNy4yNS4wkQIW3xYbXESDP5gCrQGpAgAAAAAAAAAAsgIJeWFob28uY29tugIJNDE0NDU5MjQ5wgIFMTE4ODLaAggyMDM0MTEzNOgCAfECAAAAAAAAAAD5AgAAAAAAAAAAiAOC_ISkBqIDE2FXNXpkR2xqWVhSdmNpNWpiMjCoAyrKAwUxMTg4MuADgD_qAyRjMTJmYTdiMC1hMGRkLTQ5NzUtYjc0Ny1mZjk1MTg4Yjg2YTSqBANEQ0iCBRM0Mzk3Nzk0NDEyMDc5MTkyMjMyigUPNDI4NGM0ZDA1NzMyNzk4sgUDVVNEwgUDNDgwygUDMTU10gUJMTA1MTk5Mzg42AUA4AUA6gUHZGVza3RvcPIFDTJIM0xIQzlQTDdUMzT6BQRkYzEzqgcDd2ViygcObGVsZTQza2cuY2xpY2s&r=0&C=no_res&m=a%3A0&e=&sw=300&sh=450&rr=no_res&rw=300&rh=450&rer=&dr=0&eid=fhe2lno3kemqq6mn7d&ts=1686191619352
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.106.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-106-255.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
/
lele43kg.click/tncms/tracking/tncms-dmp/audience-extraction/ 		1 KB
2 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A9613%7D&i=1686191618393,
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/shared-content/art/tncms/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
content-length
1238
x-xss-protection
1; mode=block
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame E916 		67 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619596932451&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c2ee142e63cc3da3511c6aa05ce2ee17eccc8d4549d95b58b53bb9db025f2e50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28061
content-type
text/html
date
Thu, 08 Jun 2023 02:33:39 GMT
expires
Thu, 08 Jun 2023 02:33:39 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-ztlf
bping.php
lg3.media.net/ Frame ED3B 		35 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=1893&&vgd_cdv=971&vgd_tsce=L158&vgd_cage=1&vgd_mcf=2099&gdpr=0&prid=8PRVCXX19&cid=8CU47NEFE&crid=295351712&vi=1686191619596932451&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=170785135&r=1686191619445&requrl=https%3A%2F%2Flele43kg.click%2F&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&ssld=%7B%22QQ8E%22%3A%22uHi.XF.uXA.uWH%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22g%3D%22%2C%22QQN75%22%3A%22cmz7L%C3%83%C2%83%C3%82%C2%A91j%22%7D&vgd_bid=339254&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1686191619159059203&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH868Z4&vgd_hb_audit_2=341475548&vgd_pgid=p11302748793t202306080233&vgd_pgids=1&vgd_uspa=0&hvsid=00001686191619442025035145521378&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 08 Jun 2023 02:33:39 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619520_388820429_35125037_58_523_17_0_146";dur=1
content-length
35
expires
Thu, 08 Jun 2023 02:33:39 GMT
checksync.php
contextual.media.net/ Frame 6D39 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de0aaf2a142e96621d624daadf23c5c4ea7df3ad409db9487c4b1b4030473a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9608
content-type
text/html; charset=UTF-8
date
Thu, 08 Jun 2023 02:33:39 GMT
expires
Sat, 10 Jun 2023 02:33:39 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame ED3B 		35 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4714&lper=1&itypeid=21&itype=APPNEXUS_EXPERIMENT&cc=CA&cid=8CUH868Z4&reqid=5610289884105840435&vid=5610289884105840435&dn=lele43kg.click&rawDn=lele43kg.click&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=QC&ct=Montr%C3%83%C2%A9al&zip=H3H&pubid=pub-appnexus-exp&tgtval=pub-appnexus-exp&csip=rtb-common-66c67fcb65-ncrjl.OR&dtc=west_or&zone=b&ptype=23&tmax=150&xtmax=120&gdpr=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=16276&gender=O&sckfl=0&smbrid=11786&usp_status=0&usp_enf=1&pexid=APPNEXUS_EXPERIMENT-1767266&geoll=true&is_ortb=true&s_ip=104.254.150.125&s_city=los+angeles&commit_id=66203b96&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-06-07+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=3&dummy_vsid=false&second_call=false&supply_cc=CA&ipcc=CA&is_msnnative_src=false&rtttime=44&req_tid_present=true&pvid=294&prvAccId=295351712&prvApiId=8CU47NEFE&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=341475548&prspt=headerBid&prvReqId=19060308053009_1686976216_34147554812941&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.030&cbdp=0.020&og_cbdp=0.030&ogbdp=0.03&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.020&dt=O&dbf=1&epc=295351712&s=1&snm=SUCCESS&pcrid=8CU47NEFE-295351712-23-9&tpbTkn=false&exid=31&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=3&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1686191618853&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.03&dmm_erpm=true&dmm_ogerpm=false&bcrid=414459249&strg=HARMONY&stagid=20341134&vls=0&scrid=414459249&mang=1&pvdTmax=80&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&apPrfs%3C%3E=65%23%2313%23%2361&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU47NEFE&mx_SPRIG=2&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=32&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=1&mx_sid=8CUH868Z4&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=20341134&mx_tgs=300x250&mx_bsProfileRa=-1&mx_IAB2=2&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_gpid=20341134&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=nOOjochtsXne&mx_gpid_sent=true&mx_commit_id=b868a86c35&acid=4ac32c9176fa4395b13894726a6327a8&rtime=18.0&wsip=mowx-58ff4844bf-6qwkp&ltime=25.0&act=headerBid&abs=0%7C0%7Cxtmax%3D120%7Cbrr%3D0&adtypes=0&impId=5720005455481069366&reftime=15000&reftype=0&keywordSellerId=false&dsid=20341134&insl=0&mowxReqId=4ac32c9176fa4395b13894726a6327a8_1&ecp=2.09&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=20341134&supplyTagId=20341134&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&actltime=25&debug_ts=2023-06-08+02%3A33%3A38&__expireat=1686192219107&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.03~vw_exc%3D0.03~vis_sd%3D184~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2023060715~iurl_b%3D5040.58~url_tkc%3D0~std%3D20341134~MP%3D.*article.*~last%3D~vis_url_b%3D0.59~ip%3D2JquuY~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D16~rc%3D1~rps_sd%3D2023060717~vis_b%3D346.23~url_b%3D0.2~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~ecp_eer%3D69.67~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.03~vl2r_url_kc%3D0E0~bm%3D1~sid%3D295351712~sd%3D0~uid%3D338OJ3UKcrU8RLsAgL~btd%3D3079717639086221798936977577945883435038817956670569559254999106058399746897127012512005889338677723136~vwu%3D0.03~d2p_l%3D10~3pcf%3D999.94~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D0.28~ss%3DNA~cc%3DCA~uiw%3D-1~ce%3D0~rps_b%3D38.47~vurl_l%3D20~CI%3D2934~nts%3D1~MP2%3D.*article.*~bss_RVP%3DMB%2CNED~ct%3Dmontreal~bss_KTW%3DMB%2CNED~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D3.54~PF%3D0~isif%3D0~bid%3D0.03~dc%3D8~vl2r_b%3D2.42~ivurl_l%3D20~cbdp%3D0.020%7Eitype_id%3D21%7Eseller_tag_id%3D20341134%7Esupply_tag_id%3D20341134%7Eviewability%3D0.033504%7Epos%3D1%7EcarrierId%3D0%7Eogbid%3D0.030%7Ebflr%3D0.013%7Esuid%3D%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison18%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D300x250~bsb%3D1~bsp%3D-1~tmx%3D80&utime=634&sf=0&cpr=0.22420386846701734
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619519_388820429_35125035_47_885_17_0_146";dur=1
content-length
35
expires
Thu, 08 Jun 2023 02:33:39 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F08B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66911
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 08 Jun 2023 02:33:39 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 24 May 2023 07:58:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3253, 474740
X-Served-By
cache-lga13626-LGA, cache-yul12825-YUL
X-Timer
S1686191620.530136,VS0,VE0
rd_log
lax1-ib.adnxs.com/ Frame ED3B 		0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&e=wqT_3QLVBPBMVQIAAAMA1gAFAQiC_ISkBhC2vvu5_tTisE8Y_NXQ0oWFsLdCKjYJexSuR-F6lD8RLhwIyQImkD8ZAAAA4FG4AEAhLhwIyQImkD8pexQJJNgxAAAAQDMzwz8wjsPZCTiKXEDqXEjgA1DxytDFAVjh94cBYABo-JKfAXic8AWAAQGKAQNVU0SSBQb0aQGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACuslZ6gJIaHR0cHM6Ly9sZWxlNDNrZy5jbGljay9hcnRpY2xlX2FhMzEzZGQ2LWFiZDktMTFlZC1iMjFkLTI3NWIxYjQ1ZGQxNy5odG1sgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE0OS41Ni4xNTMuMTg0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBPHK0MUB-gQSCQAAAKAhwUZAEQAAAKCeZVLAiAUBmAUAoAWzruLozJ3w7U2qBRBXU00zQzJTNTIzV1ZPN1lZwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFmwH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG-eMC2gYWChAAAAU1FQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAec8AXSBw0JEScBJgzaBwYIBQlo4AcA6gcCCADwB5GACIoIAhAAlQgAAIA_mAgB&s=c98246300e014774c3cdfa0319691c2104b27eda&bdref=https%3A%2F%2Flele43kg.click%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Flele43kg.click%2F,https%3A%2F%2Flele43kg.click%2F&
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
72c893f3-7327-4851-9b72-a4bcc5e4a688
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 0BD4 		67 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619135940065&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68e7079fb344f89cd8fcdb1328af799a2b48d324b66216542f6d2d3e7f0979bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28060
content-type
text/html
date
Thu, 08 Jun 2023 02:33:39 GMT
expires
Thu, 08 Jun 2023 02:33:39 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-pc8t
bping.php
lg3.media.net/ Frame 3099 		35 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=1899&&vgd_cdv=971&vgd_tsce=L158&vgd_cage=1&vgd_mcf=2099&gdpr=0&prid=8PRVCXX19&cid=8CU47NEFE&crid=295351712&vi=1686191619135940065&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=170785135&r=1686191619550&requrl=https%3A%2F%2Flele43kg.click%2F&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&ssld=%7B%22QQ8E%22%3A%22uHi.XF.uXA.uWH%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22g%3D%22%2C%22QQN75%22%3A%22cmz7L%C3%83%C2%83%C3%82%C2%A91j%22%7D&vgd_bid=339254&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1686191619120326381&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH868Z4&vgd_hb_audit_2=341475548&vgd_pgid=p11302748793t202306080233&vgd_pgids=3&vgd_uspa=0&hvsid=00001686191619548025035145526918&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 08 Jun 2023 02:33:39 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619594_388820429_35125174_32_777_17_0_146";dur=1
content-length
35
expires
Thu, 08 Jun 2023 02:33:39 GMT
checksync.php
contextual.media.net/ Frame 0210 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de0aaf2a142e96621d624daadf23c5c4ea7df3ad409db9487c4b1b4030473a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9608
content-type
text/html; charset=UTF-8
date
Thu, 08 Jun 2023 02:33:39 GMT
expires
Sat, 10 Jun 2023 02:33:39 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 3099 		35 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4704&lper=1&itypeid=21&itype=APPNEXUS_EXPERIMENT&cc=CA&cid=8CUH868Z4&reqid=645016673232256730&vid=645016673232256730&dn=lele43kg.click&rawDn=lele43kg.click&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=QC&ct=Montr%C3%83%C2%A9al&zip=H3H&pubid=pub-appnexus-exp&tgtval=pub-appnexus-exp&csip=rtb-common-66c67fcb65-j6fhx.OR&dtc=west_or&zone=b&ptype=23&tmax=150&xtmax=120&gdpr=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=16276&gender=O&sckfl=0&smbrid=11786&usp_status=0&usp_enf=1&pexid=APPNEXUS_EXPERIMENT-1767266&geoll=true&is_ortb=true&s_ip=104.254.150.219&s_city=los+angeles&commit_id=66203b96&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-06-07+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=3&dummy_vsid=false&second_call=false&supply_cc=CA&ipcc=CA&is_msnnative_src=false&rtttime=42&req_tid_present=true&pvid=294&prvAccId=295351712&prvApiId=8CU47NEFE&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=341475548&prspt=headerBid&prvReqId=5309046465083_1914769502_34147554812941&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.030&cbdp=0.022&og_cbdp=0.030&ogbdp=0.03&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.022&dt=O&dbf=1&epc=295351712&s=1&snm=SUCCESS&pcrid=8CU47NEFE-295351712-23-8&tpbTkn=false&exid=31&bidflr=0.013&pbidflr=0.013&opbidflr=0.013&spbf=0&viewability=3&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1686191618896&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.03&dmm_erpm=true&dmm_ogerpm=false&bcrid=414459249&strg=HARMONY&stagid=20341134&vls=0&scrid=414459249&mang=1&pvdTmax=80&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&apPrfs%3C%3E=65%23%2313%23%2361&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU47NEFE&mx_SPRIG=2&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=32&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=1&mx_sid=8CUH868Z4&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=20341134&mx_tgs=300x250&mx_bsProfileRa=-1&mx_IAB2=2&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_gpid=20341134&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=nOOjochtsXne&mx_gpid_sent=true&mx_commit_id=b868a86c35&acid=3ba801154c8843b5bbdada0aa5fed2ed&rtime=0.0&wsip=mowx-58ff4844bf-c6xrx&ltime=24.0&act=headerBid&abs=0%7C0%7Cxtmax%3D120%7Cbrr%3D0&adtypes=0&impId=5842089731546834417&reftime=15000&reftype=0&keywordSellerId=false&dsid=20341134&insl=0&mowxReqId=3ba801154c8843b5bbdada0aa5fed2ed_1&ecp=2.09&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=20341134&supplyTagId=20341134&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&actltime=25&debug_ts=2023-06-08+02%3A33%3A38&__expireat=1686192219149&mview=1&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D20~ogerpm%3D0.03~vw_exc%3D0.03~vis_sd%3D182~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2023060717~iurl_b%3D5040.58~url_tkc%3D0~std%3D20341134~MP%3D.*article.*~last%3D~vis_url_b%3D0.59~ip%3D2JquuY~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D16~rc%3D2%2C43~rps_sd%3D2023060716~vis_b%3D477.81~url_b%3D0.2~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~ecp_eer%3D69.67~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.03~vl2r_url_kc%3D0E0~bm%3D1~sid%3D295351712~sd%3D0~uid%3D338OIHD1vz6iI0aHG2~btd%3D3079717639086221798936962756558460627206657065174371458744682642753331012572115319197062266894333575168~vwu%3D0.03~d2p_l%3D10~3pcf%3D999.91~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D1~ogd2p_b%3D0.96~vurl_b%3D0.31~ss%3DNA~cc%3DCA~uiw%3D-1~ce%3D0~rps_b%3D40.57~vurl_l%3D20~CI%3D2932~nts%3D1~MP2%3D.*article.*~bss_RVP%3DMB%2CNED~ct%3Dmontreal~bss_KTW%3DMB%2CNED~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D3.21~PF%3D0~isif%3D0~bid%3D0.03~dc%3D8~vl2r_b%3D1.65~ivurl_l%3D20~cbdp%3D0.022%7Eitype_id%3D21%7Eseller_tag_id%3D20341134%7Esupply_tag_id%3D20341134%7Eviewability%3D0.033504%7Epos%3D1%7EcarrierId%3D0%7Eogbid%3D0.030%7Ebflr%3D0.013%7Esuid%3D%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D300x250~bsb%3D1~bsp%3D-1~tmx%3D80&utime=688&sf=0&cpr=0.5647511288195441
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619598_388820429_35125205_140_819_17_0_146";dur=1
content-length
35
expires
Thu, 08 Jun 2023 02:33:39 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7F85 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66911
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 08 Jun 2023 02:33:39 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 24 May 2023 07:58:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3253, 474741
X-Served-By
cache-lga13626-LGA, cache-yul12825-YUL
X-Timer
S1686191620.597465,VS0,VE0
rd_log
lax1-ib.adnxs.com/ Frame 3099 		0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&e=wqT_3QLVBPBMVQIAAAMA1gAFAQiC_ISkBhDxy7nWh7XRiVEYvv7VsrX24clWKjYJukkMAiuHlj8R_x68dmnDkT8ZAAAA4FG4AEAh_x68dmnDkT8pukkJJNgxAAAAQDMzwz8wjsPZCTiKXEDqXEjgA1DxytDFAVjh94cBYABo-JKfAXim5gOAAQGKAQNVU0SSBQb0aQGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACuslZ6gJIaHR0cHM6Ly9sZWxlNDNrZy5jbGljay9hcnRpY2xlX2FhMzEzZGQ2LWFiZDktMTFlZC1iMjFkLTI3NWIxYjQ1ZGQxNy5odG1sgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE0OS41Ni4xNTMuMTg0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBPHK0MUB-gQSCQAAAKAhwUZAEQAAAKCeZVLAiAUBmAUAoAXa_dmR8-fj-QiqBRBFN1pEUVNDMlVPTktLU0ZHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFmwH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG-eMC2gYWChAAAAU1FQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAem5gPSBw0JEScBJgzaBwYIBQlo4AcA6gcCCADwB5GACIoIAhAAlQgAAIA_mAgB&s=dbf21f9981465759ac81d9652eb208205875c5e0&bdref=https%3A%2F%2Flele43kg.click%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Flele43kg.click%2F,https%3A%2F%2Flele43kg.click%2F&
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
0765f067-03b8-4fa1-95bb-0d087066226a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F08B 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11786&pub_id=1767266&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
575931c5-73b5-4cda-a359-c6236abfbfe2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync
cs.media.net/ Frame 6D39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzI5MTkzMjE5MTQ1NTIyNTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEKMg7ZYilO8UhqGPNrUblU0&google_cver=1
61 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEKMg7ZYilO8UhqGPNrUblU0&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619804_388820429_35125695_617_487_17_0_146";dur=1
content-length
61
x-mnet-hl2
E
expires
Thu, 08 Jun 2023 02:33:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEKMg7ZYilO8UhqGPNrUblU0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6D39
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=2bf58bee-ca3b-40ab-8e31-dd6b0cdc5d38&type=loop&gdpr_consent=null&gdpr=0
61 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=2bf58bee-ca3b-40ab-8e31-dd6b0cdc5d38&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 08 Jun 2023 02:33:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 08 Jun 2023 02:33:40 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=2bf58bee-ca3b-40ab-8e31-dd6b0cdc5d38&type=loop&gdpr_consent=null&gdpr=0
date
Thu, 08 Jun 2023 02:33:39 GMT
server
_
content-length
0
truncated
/ Frame E916 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E916 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E916 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame E916 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619596932451&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619596932451&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 09 Jun 2023 02:33:39 GMT
Roboto-Regular.woff
contextual.media.net/__media__/fonts/Roboto-Regular/ Frame E916 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Regular/Roboto-Regular.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619596932451&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619596932451&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25020
expires
Fri, 09 Jun 2023 02:33:39 GMT
async_usersync
ib.adnxs.com/ Frame 7F85 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11786&pub_id=1767266&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
be79021f-d8ba-4a2d-bf71-bdfc3be52580
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync
cs.media.net/ Frame 0210
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzI5MTkzMjE5MTQ1NTIyNTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENcOtvd6GPqVl71bVfuJzu8&google_cver=1
61 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENcOtvd6GPqVl71bVfuJzu8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619800_388820429_35125696_99_667_17_0_146";dur=1
content-length
61
x-mnet-hl2
E
expires
Thu, 08 Jun 2023 02:33:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENcOtvd6GPqVl71bVfuJzu8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0210
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=cb9a152d-f5fa-46d5-9861-40933242175c&type=loop&gdpr_consent=null&gdpr=0
61 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=cb9a152d-f5fa-46d5-9861-40933242175c&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 08 Jun 2023 02:33:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 08 Jun 2023 02:33:40 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=cb9a152d-f5fa-46d5-9861-40933242175c&type=loop&gdpr_consent=null&gdpr=0
date
Thu, 08 Jun 2023 02:33:39 GMT
server
_
content-length
0
vevent
lax1-ib.adnxs.com/ Frame ED3B 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&e=wqT_3QKWBfBMlgIAAAMA1gAFAQiC_ISkBhC2vvu5_tTisE8Y_NXQ0oWFsLdCKjYJexSuR-F6lD8RLhwIyQImkD8ZAAAA4FG4AEAhLhwIyQImkD8pexQJJNgxAAAAQDMzwz8wjsPZCTiKXEDqXEjgA1DxytDFAVjh94cBYABo-JKfAXic8AWAAQGKAQNVU0SSBQb0qAGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACuslZ6gJIaHR0cHM6Ly9sZWxlNDNrZy5jbGljay9hcnRpY2xlX2FhMzEzZGQ2LWFiZDktMTFlZC1iMjFkLTI3NWIxYjQ1ZGQxNy5odG1sgAMAiAMBkAMAmAMUoAMBqgNBEhg1NjEwMjg5ODg0MTA1ODQwNDM1X3NiaWQaEzU3MjAwMDU0NTU0ODEwNjkzNjYiCTQxNDQ1OTI0OSoFTTExNzPAA6wCyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQOMTQ5LjU2LjE1My4xODSoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE8crQxQH6BBIJAAAAoCHBRkARAAAAoJ5lUsCIBQGYBQCgBbOu4ujMnfDtTaoFEFdTTTNDMlM1MjNXVk83WVnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWbAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab54wLaBhYKEAUzHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAec8AXSBw0JESkBJgzaBwYIBQlo4AcA6gcCCADwB5GACIoIAhAAlQgAAIA_mAgB&s=69fee845cbaee25858c5140da050c3aa4d2a3732&type=nv&nvt=5&jm=1003&px=1040&py=2164&bw=300&bh=250&sid=8887982371078886570&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20341134&sw=1600&sh=1200&pw=1600&ph=5921&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
7a4a7f20-653f-4744-bc48-2bfcb05443f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://lele43kg.click
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 0BD4 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0BD4 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0BD4 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 0BD4 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619135940065&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619135940065&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 09 Jun 2023 02:33:39 GMT
Roboto-Regular.woff
contextual.media.net/__media__/fonts/Roboto-Regular/ Frame 0BD4 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Regular/Roboto-Regular.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619135940065&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619135940065&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:39 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25020
expires
Fri, 09 Jun 2023 02:33:39 GMT
bql.php
lg3.media.net/ Frame E916 		15 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=4937&&vgd_canary=0&vgd_l2type=scs_newfl&fp=Pjbtb5278fvGijWSPOOVzFV1kb5UxfnPw_K1rQVTAM88ep8XU4I1DIbLw0FQu9kO-CHs23P-VUdjBatQPF8wWEF2hkvgRUEUZh7Tu5SZw246p0IBjQunlQtndbrJmvCCxvPhxkhxzPNvi45AQyr7dw%3D%3D&cme=ZdtBObN9CwWmC-vy-t7c_x50dXQ6EDP4lpQi0xKXXeVW6aNVtOg2PqmPMEmSTC9oWamVI7dE-_a0EFtq2ynMi0O8b1lRkEQ6Ndlk1eIfiRDInz3Jdc8g-sNYVlsW2NXRdd4koiqrXRsAmUa84SZRL6j90ndCHhks_5FVMDbdZ3rxJ_JGzKSeF_aaS6zMmkVPwHFDblmvk6ajlzPmD4sL-RRXuZRcPsCjAEc1yF9hXIM%3D%7C%7Cu8A6SM53vAftoPNiubF0nycR241yHs9V%7Cwq-seedwI9StKo6oJATMcvyNPKXfS9WM%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CQPmHO0zFQ7_MMyt3HnKyC0uzVrbD1MvnJ6sEUq1jiFDdylNvMj2qf4GWSYHqWiI4_UOn-ydSyXZpUK5zycw2CoN-nSOMXTBrPNDl7uKUVcY%3D%7CIlH0OUl0EHR_-wuk2XSv20XNBMEFljc9g2TbnkGG0YhiGiGiMyBI8Bk7E4EnckCe1N7JuuVefh6E_PNLq5R5PqmNlt1o6bqTJNhK-Dd5hgj3xcuE2fqvlL1ztyq8vNesWByUUhqVXYZcg8IvNCzBu_-aO1GoQhRkfRRdqELzFJD7vZu1iF-EmFoxO4ntlcpyculWcCCN1d5_kLIvkTPaMum8Lgmu4ziH8gWSN18b7f3A-Y3RQNd0743Ktscu5i8SwWT_TEwzhqE%3D%7C&subBdr=196&bdrid=294&ksu=355&fdkt=453&vgde_kbbh=ffoyxQJuO&kwd[]=Must-Try+Restaurants+Near+Me&kwt[]=453&kbc[]=1262276759&kwp[]=1&kid[]=351007827&kbc2[]=3%3D0.04%7C4%3D2.50%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2085%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0009%7C8%3D060714%7C9%3D0%7C11%3D0%7C26%3D30692%7C27%3D210%7C13%3D0.0503%7C14%3D060717%7C15%3D0%7Cr%3D1%7Cps%3D0.993&ktd[]=274894815488&kwd[]=Top+10+Buffet+Restaurants&kwt[]=453&kbc[]=1262276759&kwp[]=2&kid[]=324967754&kbc2[]=clust%3D-2%7C%7C%2A~top~%2A~restaurants~%7C%7Csetid%3D10%7C%7Ct%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.3193%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0008%7C8%3D060714%7C9%3D0%7C11%3D0%7C26%3D9270%7C27%3D159%7C13%3D0.0477%7C14%3D060717%7C15%3D0%7Cr%3D2%7Cps%3D0.993&ktd[]=2882866986382397696&kwd[]=Top+Local+Restaurants&kwt[]=453&kbc[]=1262276759&kwp[]=3&kid[]=321195685&kbc2[]=clust%3D-2%7C%7C%2A~top~%2A~restaurants~%7C%7Csetid%3D10%7C%7Ct%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.3285%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0007%7C8%3D060714%7C9%3D0%7C11%3D0%7C26%3D28019%7C27%3D420%7C13%3D0.0509%7C14%3D060717%7C15%3D0%7Cr%3D3%7Cps%3D0.993&ktd[]=2882866986382397696&v=1&geo=45.49%7C-73.58&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=CA&wsip=170774754&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22cmz7L%C3%83%C2%83%C3%82%C2%A91j%22%2C%22QQ8E%22%3A%22uHi.XF.uXA.uWH%22%2C%22QQQN%22%3A%22g%3D%22%7D&cid=8CU47NEFE&vi=1686191619596932451&vsid=3291932191455225&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=2&vgd_tsce=L158-S158&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH868Z4&vgd_hb_audit_2=341475548&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=77009&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_ifrmode=13&vgd_l1rakh=1686191619159059203&sttm=1686191619442&upk=1686191619.6805&hvsid=00001686191619442025035145521378&verid=3111299&sbdrId=196&vgd_ecrid=414459249&tsrc=entity&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D16276&vgd_mcf=2099&vgd_vstrid=3291932191455225&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&vgd_bhv_kbb=-1&vgd_cfud=221007&vgd_scsver=105&vgd_optout=0&vgd_ydspr=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001686191619442025035145521378&rc=0&rand=1686191619661&acid=4ac32c9176fa4395b13894726a6327a8&matm=1686191619661&vgd_ltimesrc=1&vgd_ltime=475&vgd_rtime=387&vgd_etm=12&vgd_l1hcsd=Ogzkn%7C3676&vgd_l1ch=1&vgd_lhl=1041&vgd_pgid=p11302748793t202306080233&vgd_csip=rtb-common-66c67fcb65-ncrjl.OR&vgd_sbSup=0&vgd_nrrs=77009&vgd_cdv=974&vgd_cntrdt=SL%7CDIV-div-insticator-ad-1%7CDIV-insticator-container&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619596932451&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huX~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9F9huh~e8QMGvAHF.fA~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWa6APCNLPWDTQKyT~G7OvA9hihuhFAi9WFffuhiWiAFihhXhhiHXWWAHAX9AWWuhiXFFh9XFiXXifXHiiiu9F9XWAiihHFWihufh9ufXuf99XWWiAAWFhhhfAuAF~eBxv9.9A~OfEMjvu9~AENkviii.iH~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGv9.fW~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAW.Hh~exLjMjvf9~%3DVvfiAH~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.XH~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.Hf~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzuW~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 08 Jun 2023 02:33:39 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619781_388820429_35125652_123_556_17_0_146";dur=1
content-length
15
expires
Thu, 08 Jun 2023 02:33:39 GMT
vevent
lax1-ib.adnxs.com/ Frame 3099 		0
954 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flele43kg.click%2Farticle_aa313dd6-abd9-11ed-b21d-275b1b45dd17.html&e=wqT_3QKVBfBMlQIAAAMA1gAFAQiC_ISkBhDxy7nWh7XRiVEYvv7VsrX24clWKjYJukkMAiuHlj8R_x68dmnDkT8ZAAAA4FG4AEAh_x68dmnDkT8pukkJJNgxAAAAQDMzwz8wjsPZCTiKXEDqXEjgA1DxytDFAVjh94cBYABo-JKfAXim5gOAAQGKAQNVU0SSBQb0qAGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACuslZ6gJIaHR0cHM6Ly9sZWxlNDNrZy5jbGljay9hcnRpY2xlX2FhMzEzZGQ2LWFiZDktMTFlZC1iMjFkLTI3NWIxYjQ1ZGQxNy5odG1sgAMAiAMBkAMAmAMUoAMBqgNAEhc2NDUwMTY2NzMyMzIyNTY3MzBfc2JpZBoTNTg0MjA4OTczMTU0NjgzNDQxNyIJNDE0NDU5MjQ5KgVNMTE3M8ADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ATxytDFAfoEEgkAAACgIcFGQBEAAACgnmVSwIgFAZgFAKAF2v3ZkfPn4_kIqgUQRTdaRFFTQzJVT05LS1NGR8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZsB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvnjAtoGFgoQAAEzHQEBsmDgBgHyBgIIAIAHAYgHAKAHAcgHpuYD0gcNAaoFAQEmDNoHBggFCWjgBwDqBwIIAPAHkYAIiggCEACVCAAAgD-YCAE.&s=a518c45f45a88b55f67f2622eebc53430e5b43af&type=nv&nvt=5&jm=1003&px=1040&py=2439&bw=300&bh=250&sid=8887982371078886570&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20341134&sw=1600&sh=1200&pw=1600&ph=5921&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:39 GMT
AN-X-Request-Uuid
27bfd9d5-63c4-4e45-9778-cbddec105ef4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://lele43kg.click
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bql.php
lg3.media.net/ Frame 0BD4 		15 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=4943&&vgd_canary=0&vgd_l2type=scs_newfl&fp=Pjbtb5278fvGijWSPOOVzFV1kb5UxfnPw_K1rQVTAM88ep8XU4I1DIbLw0FQu9kO-CHs23P-VUdjBatQPF8wWEF2hkvgRUEUZh7Tu5SZw246p0IBjQunlQtndbrJmvCCxvPhxkhxzPNvi45AQyr7dw%3D%3D&cme=ECSZgnSfivLc9dFu4I4coeneGcc3ARn_T63TtKmMaaQePl1ZL57NWsPgmKtMXp60YYC3s98JOg1kkLeDSLFh1YPR9YpOPzv3L4Z8EF9AAp4KeCnR_-d26h_ljkq5Kpg12RUzuDeDn_9Gza5XkkOXJTcTf9FjJvLaQW0AdUWlny0ugFtIy3ieeVNmLqgOZMT4zNi0Ehoo2aZt-J47FRMHV4tv9Z-drMzFpVBYgJT5Zmc%3D%7C%7CIlH0OUl0EHR_-wuk2XSv20XNBMEFljc9g2TbnkGG0YhiGiGiMyBI8Bk7E4EnckCe1N7JuuVefh6E_PNLq5R5PqmNlt1o6bqTJNhK-Dd5hgj3xcuE2fqvlL1ztyq8vNesWByUUhqVXYZcg8IvNCzBu_-aO1GoQhRkfRRdqELzFJD7vZu1iF-EmFoxO4ntlcpyculWcCCN1d5_kLIvkTPaMum8Lgmu4ziH8gWSN18b7f3A-Y3RQNd0743Ktscu5i8SwWT_TEwzhqE%3D%7Cu8A6SM53vAftoPNiubF0nycR241yHs9V%7Cwq-seedwI9StKo6oJATMcvyNPKXfS9WM%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CQPmHO0zFQ7_MMyt3HnKyC0uzVrbD1MvnJ6sEUq1jiFDdylNvMj2qf4GWSYHqWiI4_UOn-ydSyXZpUK5zycw2CoN-nSOMXTBrPNDl7uKUVcY%3D%7C&subBdr=196&bdrid=294&ksu=355&fdkt=453&vgde_kbbh=ffoyxQJuO&kwd[]=Must-Try+Restaurants+Near+Me&kwt[]=453&kbc[]=1262276759&kwp[]=1&kid[]=351007827&kbc2[]=3%3D0.04%7C4%3D2.50%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2085%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0009%7C8%3D060714%7C9%3D0%7C11%3D0%7C26%3D30692%7C27%3D210%7C13%3D0.0503%7C14%3D060717%7C15%3D0%7Cr%3D1%7Cps%3D0.993&ktd[]=274894815488&kwd[]=Top+10+Buffet+Restaurants&kwt[]=453&kbc[]=1262276759&kwp[]=2&kid[]=324967754&kbc2[]=clust%3D-2%7C%7C%2A~top~%2A~restaurants~%7C%7Csetid%3D10%7C%7Ct%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.3193%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0008%7C8%3D060714%7C9%3D0%7C11%3D0%7C26%3D9270%7C27%3D159%7C13%3D0.0477%7C14%3D060717%7C15%3D0%7Cr%3D2%7Cps%3D0.993&ktd[]=2882866986382397696&kwd[]=Top+Local+Restaurants&kwt[]=453&kbc[]=1262276759&kwp[]=3&kid[]=321195685&kbc2[]=clust%3D-2%7C%7C%2A~top~%2A~restaurants~%7C%7Csetid%3D10%7C%7Ct%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.3285%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0007%7C8%3D060714%7C9%3D0%7C11%3D0%7C26%3D28019%7C27%3D420%7C13%3D0.0509%7C14%3D060717%7C15%3D0%7Cr%3D3%7Cps%3D0.993&ktd[]=2882866986382397696&v=1&geo=45.49%7C-73.58&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=CA&wsip=170774882&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22cmz7L%C3%83%C2%83%C3%82%C2%A91j%22%2C%22QQ8E%22%3A%22uHi.XF.uXA.uWH%22%2C%22QQQN%22%3A%22g%3D%22%7D&cid=8CU47NEFE&vi=1686191619135940065&vsid=3291932191455225&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=2&vgd_tsce=L158-S158&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUH868Z4&vgd_hb_audit_2=341475548&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=77009&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_ifrmode=13&vgd_l1rakh=1686191619120326381&sttm=1686191619548&upk=1686191620.23262&hvsid=00001686191619548025035145526918&verid=3111299&sbdrId=196&vgd_ecrid=414459249&tsrc=entity&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D16276&vgd_mcf=2099&vgd_vstrid=3291932191455225&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&vgd_bhv_kbb=-1&vgd_cfud=221007&vgd_scsver=105&vgd_optout=0&vgd_ydspr=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001686191619548025035145526918&rc=0&rand=1686191619746&acid=3ba801154c8843b5bbdada0aa5fed2ed&matm=1686191619746&vgd_ltimesrc=1&vgd_ltime=453&vgd_rtime=402&vgd_etm=6&vgd_l1hcsd=Ogzkn%7C3676&vgd_l1ch=1&vgd_lhl=1042&vgd_pgid=p11302748793t202306080233&vgd_csip=rtb-common-66c67fcb65-j6fhx.OR&vgd_sbSup=0&vgd_nrrs=77009&vgd_cdv=974&vgd_cntrdt=SL%7CDIV-div-insticator-ad-2%7CDIV-insticator-container&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1686191619135940065&gdpr=0&tsce=L158&cid=8CU47NEFE&cpcd=6F-nMPAfNUJ3hW3f93Uk-g%3D%3D&crid=295351712&size=300x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO78M88Z&tpid=TIH7BE5&https=1&rrr=BuAo4uYpv0grBBCHbPQDMd1EmmeNyt3JCzpd-6r6MQGkmE_RtrgX3wDqWYeZ8niZe_KVAY5ZUxt6wgT1aGJw0gFHy5H7wn_M&nse=5&ugd=4&adt1=8CUH868Z4&adt2=341475548&ebdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.9A~e8QMQOvuWf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9F9huh~8xLjMGvX9H9.XW~xLjM7UNv9~Q7Ovf9AHuuAH~c0v.*1L78NjJ.*~j1Q7v~e8QMxLjMGv9.Xi~8Evf6%20xx3~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuF~LNvf%2CHA~LEQMQOvf9fA9F9huF~e8QMGvHhh.Wu~xLjMGv9.f~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFi.Fh~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~GYvu~Q8OvfiXAXuhuf~QOv9~x8OvAAWaVqruelF8V91qZf~G7OvA9hihuhFAi9WFffuhiWiAFiFfhXFXXWHF9Ffhf9FFXh9FXuhHAhuHXWhHHFWfFHfhXAAAu9ufXhfuuXAuiuih9FffFFWiHAAAXhXuFW~eBxv9.9A~OfEMjvu9~AENkviii.iu~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~exLjMGv9.Au~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvH9.Xh~exLjMjvf9~%3DVvfiAf~z7Qvu~c0fv.*1L78NjJ.*~GQQMD%2F0vcR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fu~0sv9~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvu.FX~8exLjMjvf9~NGOEv9.9ff~875EJM8Ovfu~QJjjJLM71yM8Ovf9AHuuAH~QxEEj5M71yM8Ovf9AHuuAH~e8JB1G8j875v9.9AAX9H~EmQvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uA~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vA9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGvu~GQEvou~7Y-vW9&bdrId=294&bid=339254&ntv=0&mmm=uXosNfIDqEk%3D&kttle=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes&mcf=2099&ydspr=1&katpre=1&katbid=-102&isid=2&pgid=p11302748793t202306080233&essld=uHi.XF.uXA.uWH~%3DK~g%3D~cmz7L%C3%83%C2%83%C3%82%C2%A91j&htmlsrc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 08 Jun 2023 02:33:39 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
server-timing
ak_p; desc="1686191619814_388820429_35125718_57_1008_17_0_146";dur=1
content-length
15
expires
Thu, 08 Jun 2023 02:33:39 GMT
63ea99bcd2157.image.jpg
bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/63ea99bcd2157.image.jpg?crop=602%2C681%2C448%2C25&resize=442%2C500&order=crop%2Cresize
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33ba01eb3d4a4ace3fa9b6ad36df6d661a14cb08f4c698d280988a2f15eec80
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:40 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
303
cf-polished
origSize=40393, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Feb 2023 20:12:45 GMT
server
cloudflare
x-vcache
MISS
etag
"d16ec017e49c2d875d736848c12a7ac4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
7d3dbb396b28a1da-YYZ
expires
Wed, 29 May 2024 11:26:28 GMT
63ea99d37a1c1.image.jpg
bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/c/a9/ca965092-abda-11ed-a1f8-8b8af48702e9/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/c/a9/ca965092-abda-11ed-a1f8-8b8af48702e9/63ea99d37a1c1.image.jpg?resize=375%2C500
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0072b43322ff1b20e60f83cc458bd35dca304960b429f20b12c23125512cd964
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:40 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
303
cf-polished
origSize=30893, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Feb 2023 20:13:08 GMT
server
cloudflare
x-vcache
MISS
etag
"7d26682a98438e9de6ddaba265de664f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
7d3dbb396b2da1da-YYZ
expires
Wed, 22 May 2024 15:26:48 GMT
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%2... Frame 0BBF
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20touris...
  • https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20t...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/c/16192/cc.js?ns=_cc16192
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.228.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-228-60.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0912f751da311f8497dc1b7458fe54b7136eff5aa2266fa657d5dacc8fadba2e

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
1263
content-type
text/html;charset=utf-8
date
Thu, 08 Jun 2023 02:33:40 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.42.168

Redirect headers

cache-control
no-cache
content-length
0
date
Thu, 08 Jun 2023 02:33:40 GMT
expires
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.10.30
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e76a4e1dd6b883b861a34c6cd8acbe068fb9ef1c3938f0cee5d511e30f90b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11268
x-xss-protection
0
63ea99bcd2157.image.jpg
bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/lafourchegazette.com/content/tncms/assets/v3/editorial/9/76/9766ac9e-abda-11ed-a555-3f508f22eec6/63ea99bcd2157.image.jpg?crop=602%2C681%2C448%2C25&resize=442%2C500&order=crop%2Cresize
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33ba01eb3d4a4ace3fa9b6ad36df6d661a14cb08f4c698d280988a2f15eec80
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:40 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
303
cf-polished
origSize=40393, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Feb 2023 20:12:45 GMT
server
cloudflare
x-vcache
MISS
etag
"d16ec017e49c2d875d736848c12a7ac4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
7d3dbb39cc07a1da-YYZ
expires
Wed, 29 May 2024 11:26:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 02:33:40 GMT
pixel
cm.g.doubleclick.net/ Frame 0BBF 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjBhMjI4NmNhOTM3MDhlNmVlMDAzZTRmMjE5NzU3MmY&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 East White Plains, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=3568007f-6cb8-46a5-a6f6-9b5fd4b4a4c1/ Frame 0BBF
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=3568007f-6cb8-46a5-a6f6-9b5fd4b4a4c1/gdpr=0
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=3568007f-6cb8-46a5-a6f6-9b5fd4b4a4c1/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
Protocol
H2
Server
52.72.123.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-123-193.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.40.193
content-length
49
expires
0

Redirect headers

date
Thu, 08 Jun 2023 02:33:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=3568007f-6cb8-46a5-a6f6-9b5fd4b4a4c1/gdpr=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g.json
aa.agkn.com/adscores/ Frame 0BBF 		103 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:40 GMT
via
1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
x-amz-cf-id
Kt9O26TxhPFhzgVi7Y1tikklkrxi1f0rQeZ06xQwqB2cnYDR8VdrFQ==
expires
0
382416.gif
idsync.rlcdn.com/ Frame 0BBF 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=20a2286ca93708e6ee003e4f2197572f&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=16192/rand=770639713/pv=y/med=flag%3A%20featured/rb=%7B%22meta_tag%22%3A%22food%2C%20gastronomy%2C%20restaurant%20industry%2C%20industry%2C%20the%20economy%2C%20tourism%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:40 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9EA6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
24478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 19:45:42 GMT
expires
Thu, 06 Jun 2024 19:45:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7D88 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
388c0eb9065a1b5a9ab20f47469f32958f56a53bd9c53791691772ba314e912f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KtMI85I3YRYUwEMVaQYIaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-KtMI85I3YRYUwEMVaQYIaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 02:33:40 GMT
expires
Thu, 08 Jun 2023 02:33:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
uK_VmgO8sxJme0STQf3RX4aGGIbvcC5GR552gFNT4dM.js
pagead2.googlesyndication.com/bg/ Frame 9EA6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uK_VmgO8sxJme0STQf3RX4aGGIbvcC5GR552gFNT4dM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8afd59a03bcb312667b449341fdd15f86861886ef702e46479e76805353e1d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 13:59:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
45240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Jun 2024 13:59:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7D88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=431288864456842&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9EA6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pxPEHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
async_usersync
ib.adnxs.com/ Frame F08B 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11786&pub_id=1767266&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:40 GMT
AN-X-Request-Uuid
23095da7-6077-4a7b-a9ce-74f56866ac82
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7F85 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11786&pub_id=1767266&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:40 GMT
AN-X-Request-Uuid
1667ab8f-e9b6-4c69-a0b7-5b915bb91ee0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=431288864456842&bg=!l5SllMDNAAY9J7QfHSc7ADkAdvg8WuTFLNWdJ9mLmgiqsbZl6l557OxYfkQTCRsXEH3xhpKnqSQOqD9CBwl2C9LsqUySgBqUllACAAAAUVIAAAADaAEHmQLwiJe-8Xh52z1yMFeZnJYnYBEATj8tueuroZxhv1eqF5letMkCJ-OV6wSpLKWwsYGf00Ao_cJF41bu4C5ebZt_PgE1AgGEq7Amvf_c5XqmG1USS3L_5p7bGj8n2y8a8vl91exMyv2cq2YHn_bjqv4KVJfkN-3n0HApFyAr5HOTS2j0Ev8yM3hJo2BoBlRfb3TVyHJmi_3alfwAREeXszYpGCX-NsSJ-LlIGTHTwK8EJstHZBjyHtSLdtzr-w1lmzX_InkwCURWX1wAmtUWNiDK8hzXvPtLSSLYbSSxoxc3DaFWVAueP2KAS60fscY1lepNwh0eflOQLQseI5IcW8a4-VsVA6bu15QPmjZo60vLs7qB-MQFQaAVjlLwGD1mTkN0XOa70Tfc9OnxG62Qa9Tc66J0Z_iXDolBeGUDTJ_UuQ3cYC5rEFBCh99VYGDilU-NDeJm4pkWpbyFOnfzfg2wJ65iR4Qjf_Ku8SxkK76w5fDtgI_WTIY_k6wBfa16vxGqyoeVF-DN8R7T7JBu2F4XrvU8Fw6wEd9a989vl2m8b85deuyp0SNmT1WbW_hUEyaNjXU321zP1w9YZUp-G62Yj497k8-3BU13L67p0PyoKOhBWARnSHkLm8Geyn3hErBxqPV9sEyw1DAoGSz42GrWYYA3bir5jw75uulO8dVycQ87I6unFS_uM_AeaAsbIkddGsYm5W6IKG3ICnft2zbWGCRb1dTbtNDm8fD7uD_zpF8YmSAXeknDvcQ2XQYd6wJpFRQj1vLA5GcGzeAnkgUk_SATlCVBTYj-wiEjDGqqttUFGdkj5sCzqJFKVejcBkQ1y7kSqP5J5-SalzVn7rdw5aQoOqZT50RKNEY5eZ7iVDz5ca63ke7w2I2ape4uQT13W4HymfGK8nZwVfk17gcjnPM3_iMP3gI48NhJ8VfoKo6r6VSW29K5_NkcqoLnAxmlhlQqF0P0MmdDCgJnJbuM6v-a_1fsqUF6btrPWxEFz8k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
prebid
id5-sync.com/api/config/ 		135 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
9122d35ca0b1532a344f0801f9004b862de73fe3ec70d6eb04a345cc02e8e2a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
67c16bcb94f90777a899589c3f4494fec70a78b9028350683d8eb833a28ce79a

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lele43kg.click
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 08 Jul 2023 02:33:42 GMT
isyn
prebid.a-mo.net/ Frame 93F8 		2 KB
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
48b0bb1642a155733dee03f2053d9775ba10dad074c4ffcce33c167ef6649cf2

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
643
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:41 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
pd
us-u.openx.net/w/1.0/ Frame 8CDD 		749 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
713a883b04a8dd615695327fb319129b690aa22f58d7e59d911e7275820c043a

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
481
content-type
text/html
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
de.tynt.com/deb/ Frame 5BDE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
edf1f190357740096479eb0ff04787be990ef7ca32aa708a01b272175207c763

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1392
content-type
text/html
date
Thu, 08 Jun 2023 02:33:42 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 08 Jun 2023 02:33:41 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
ixmatch.html
js-sec.indexww.com/um/ Frame 5B01 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
941
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d3dbb47086aa228-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 08 Jun 2023 02:33:42 GMT
expires
Thu, 08 Jun 2023 06:33:42 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B849 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Jun 2023 02:33:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 59F7 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:2cf1:7be6:911:71d9:25f7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/1D3C) /
Resource Hash
5e81c12a471e42d82158cea8989ecc12013261692bd2011b6c93c42503ec3e91

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
454
cache-control
max-age=900
content-encoding
gzip
content-length
5477
content-md5
cDuWKWGvp02S+ui7GSGgWA==
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
etag
c5f585fa-f4bf-46f4-80c6-f022d37dcef9
expires
Thu, 08 Jun 2023 02:48:42 GMT
last-modified
Wed, 24 May 2023 20:11:58 GMT
opc-request-id
iad-1:IVkfmFTBgjn84x2rlgSOzszaY_vq9yGrXKj_DqV-CHb4OocUm2YJAlSh4ZhT5loa
server
ECAcc (nyb/1D3C)
storage-tier
Standard
vary
Accept-Encoding
version-id
655828f0-6d40-417a-9bfa-3b160530b458
x-api-id
native
x-cache
HIT
async_usersync.html
acdn.adnxs.com/dmp/ Frame D5A2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66913
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 08 Jun 2023 02:33:42 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 24 May 2023 07:58:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3253, 474756
X-Served-By
cache-lga13626-LGA, cache-yul12825-YUL
X-Timer
S1686191622.197586,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5671 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20338
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 08 Jun 2023 02:33:42 GMT
expires
Thu, 08 Jun 2023 08:12:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://ups.analytics.yahoo.com/ups/58645/occ?verify=true
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-hirM3MxE2uHKwUjao0aYPXGegQculCfLsDZCDx0-~A
49 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-hirM3MxE2uHKwUjao0aYPXGegQculCfLsDZCDx0-~A
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-55
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-hirM3MxE2uHKwUjao0aYPXGegQculCfLsDZCDx0-~A
date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_95cbaf0b-c0ff-42bf-8394-b545735ebeba&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_95cbaf0b-c0ff-42bf-8394-b545735ebeba&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%%
Protocol
HTTP/1.1
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%%
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=d9412701-94e5-4cdb-9ec1-9bc534e67e66&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=d9412701-94e5-4cdb-9ec1-9bc534e67e66&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/8/2.gif?puid=u_f4a778f1-d736-425b-91f4-c298444b4d15&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/434/434/7/3.gif?puid=d9412701-94e5-4cdb-9ec1-9bc534e67e66&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/3/6/4.gif?puid=2c146481-3e06-4900-8289-22511a19c681&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F4%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/4/6.gif?puid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/3/7.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/3/7.gif?puid=4631962839502029404&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/112/2/8.gif?puid=25E6484A784C2D49&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/1/9.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=2c146481-3e06-4900-8289-22511a19c681&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
49 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=2c146481-3e06-4900-8289-22511a19c681&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-176
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=2c146481-3e06-4900-8289-22511a19c681&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
date
Thu, 08 Jun 2023 02:33:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=d9412701-94e5-4cdb-9ec1-9bc534e67e66
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=d9412701-94e5-4cdb-9ec1-9bc534e67e66
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b7cac19b-b603-4e70-8c51-b566d7991c42%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		0
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=d9412701-94e5-4cdb-9ec1-9bc534e67e66
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-99.ewr53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-C2
vary
Origin
access-control-allow-methods
POST, GET
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://lele43kg.click/
x-cache
Miss from cloudfront
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
content-length
0
x-amz-cf-id
UqMW1PW3ZHgjZ3-Im3y4ltw9JEuOI4272KzG_fEO5kCYuJVyJiQ2-g==
alt-svc
h3=":443"; ma=86400
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZDk0MTI3MDEtOTRlNS00Y2RiLTllYzEtOWJjNTM0ZTY3ZTY2
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFAlpnFkYuJ-fSN2ya4z7mQ&google_cver=1
49 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFAlpnFkYuJ-fSN2ya4z7mQ&google_cver=1
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-55
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFAlpnFkYuJ-fSN2ya4z7mQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907266893378216
49 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907266893378216
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-194
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907266893378216
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=2c146481-3e06-4900-8289-22511a19c681
49 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=2c146481-3e06-4900-8289-22511a19c681
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-176
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
MT3 933 7933424 master iad-pixel-x10 config_version:"981"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=2c146481-3e06-4900-8289-22511a19c681
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Jun 2023 02:33:41 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&google_hm=MzRmYzRlN2UtNjFjYS00YTFjLThjMDAtODE2M2ViY2QyZTFk
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAGxvyjxltC7aN7CeOuVXBQ&google_cver=1&ssp=sonobi&bsw_param=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
49 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-176
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
Date
Thu, 08 Jun 2023 02:33:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
iu3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3V0KB3Y8S3KC6TGQKDPS
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_f4a778f1-d736-425b-91f4-c298444b4d15&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_f4a778f1-d736-425b-91f4-c298444b4d15&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/8/2.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/6/4.gif?puid=4631962839502029404&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/5/5.gif?puid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/4/6.gif?puid=25E6484A784C2D49&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/3/7.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/2/8.gif?puid=25E6484A784C2D49&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/1/9.gif?puid=b7cac19b-b603-4e70-8c51-b566d7991c42&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
49 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-176
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&consent=&id5id=ID5-63cbuClFKqrFs-hSOvhuLtiS2THCG7vbnATpejA_kw
date
Thu, 08 Jun 2023 02:33:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=d9412701-94e5-4cdb-9ec1-9bc534e67e66&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=LWdCTkJGR3phVTJSdkhvMk80aEtMdw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMzT4vzL4RhKrP0q8CGpNjQ&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b3OwQ2zeK7XC
49 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b3OwQ2zeK7XC
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-176
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=b3OwQ2zeK7XC
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-tgdh5
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&pubid=e315a43aa9
49 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&pubid=e315a43aa9
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-155
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=b34041a6-af38-4471-a315-26c52a34e8cb&pubid=e315a43aa9
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
cframe.js
assets.a-mo.net/js/ Frame 93F8 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 36c050103b969d83a8b90ba7cba12542.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
558
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7d3dbb46b9da7148-YUL
x-amz-cf-id
hIfVM6Z95SkX8LfqCyS8gD5O1tE-CfnZw5L74iJfFNOfteAfEaFT4g==
expires
Thu, 08 Jun 2023 03:33:42 GMT
async_usersync
ib.adnxs.com/ Frame D5A2 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
AN-X-Request-Uuid
3ad53b55-d1d9-4bf1-a6a9-06d3d4480a4b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8CDD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZIE_BgAAAVBsyQAD
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIE_BgAAAVBsyQAD&_test=ZIE_BgAAAVBsyQAD
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIE_BgAAAVBsyQAD&_test=ZIE_BgAAAVBsyQAD
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4563-YYZ
pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1686191622.355775,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIE_BgAAAVBsyQAD&_test=ZIE_BgAAAVBsyQAD
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
b3d9bb28-c6ea-e2aa-f16b-7e51b84566ac
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8CDD 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/b3d9bb28-c6ea-e2aa-f16b-7e51b84566ac?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:ad8e:c57c:f41b:3e87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 8CDD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7fc8a111-4aec-cb19-00b2-ea332f216005
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7fc8a111-4aec-cb19-00b2-ea332f216005&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7fc8a111-4aec-cb19-00b2-ea332f216005&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TFMYTDJ16R9WAKAPKQ1H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B47CT2MBYZXV2JN76SFQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7fc8a111-4aec-cb19-00b2-ea332f216005&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8CDD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=271edd6c-5646-70e3-c0bc-68a44712abe5&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=271edd6c-5646-70e3-c0bc-68a44712abe5&gdpr=0&gdpr_consent=
43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=271edd6c-5646-70e3-c0bc-68a44712abe5&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b34041a6-af38-4471-a315-26c52a34e8cb&ttd_puid=271edd6c-5646-70e3-c0bc-68a44712abe5&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 8CDD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGI3MTBlYTYtOWYzMS0yZTQ3LWQ1NWMtMzIxZDhkZjA2NTg1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 East White Plains, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8CDD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE-OG-uZ9EyemLBIPt41DvI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE-OG-uZ9EyemLBIPt41DvI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE-OG-uZ9EyemLBIPt41DvI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6D73
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
26a844f93c53e2b6e41c938c2ffc5d3169f33f06804545e603e9fdd98cae70a4

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1845
Content-Type
text/html
Date
Thu, 08 Jun 2023 02:33:42 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 08 Jun 2023 02:33:42 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
PugMaster
image6.pubmatic.com/AdServer/ Frame 5671 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53092960&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d7e059e8113ea09768869ccd3718e8d2ca6642c7665faffc2fc23fb17339a0f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 08 Jun 2023 02:33:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame B849 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cdf7e002d5ca9f1084402203a4059e230cbdccf6b248a4fb6214780d513a785d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 11:55:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33704
Connection
keep-alive
Content-Length
10113
Expires
Thu, 08 Jun 2023 11:55:26 GMT
usync.html
eus.rubiconproject.com/ Frame A897
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Jun 2023 02:33:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 08 Jun 2023 02:33:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
server
AkamaiGHost
server-timing
ak_p; desc="1686191622376_389431368_79565451_17_357_21_34_255";dur=1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB7A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20338
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 08 Jun 2023 02:33:42 GMT
expires
Thu, 08 Jun 2023 08:12:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 4BB4 		1 KB
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9f7f9461c7868801f6671ffead505735e33f8f99007f55bc8b579907d87fb5a7

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
660
content-type
text/html
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
hde.tynt.com/deb/ Frame DDB2
Redirect Chain
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
94a02f59c558933038459f20f0ce529ae96ae565163eaad74f4f4484247aeb81

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1604
content-type
text/html
date
Thu, 08 Jun 2023 02:33:41 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 08 Jun 2023 02:33:42 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
onetag-sys.com/usync/ Frame 1CA6 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.25.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
5d226680d8961466c18b227454d294603b4abf5fbae2c3f9835d68a73629f14f

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1210
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 08 Jun 2023 02:33:42 GMT
location
/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
services
uat-net.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=b34041a6-af38-4471-a315-26c52a34e8cb
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=b34041a6-af38-4471-a315-26c52a34e8cb
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
199593020
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=b34041a6-af38-4471-a315-26c52a34e8cb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D46%26uid%3D%24UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4631962839502029404
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4631962839502029404
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
199920138
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9e3850df-f8e3-4b31-8bfb-fb4302c1eddd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4631962839502029404
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
180965642
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
460481
content-length
0
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/syn
  • https://match.prod.bidr.io/cookie-sync/syn?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCTXNVN0pBbndBQUNQUUNjTXFNdw&bee_sync_partners=pm%2Cpp%2Csas%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAZYU7JAnwAACBq72dMAA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Csyn&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAZYU7JAnwAACBq72dMAA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%26bee_sync_current_partner%3Dpp%...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAZYU7JAnwAACBq72dMAA&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAZYU7JAnwAACBq72dMAA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5249688979620387262
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAZYU7JAnwAACBq72dMAA
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAZYU7JAnwAACBq72dMAA
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
160709713
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAZYU7JAnwAACBq72dMAA
Date
Thu, 08 Jun 2023 02:33:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&zcc=1&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D&cb=1686191622482
  • https://ad.turn.com/r/cs?pid=45&rndcb=4334878104
  • https://sync.1rx.io/usersync/turn/3858709253814425740?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-72a9fcf6-ec71-43c6-...
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
160709705
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Thu, 08 Jun 2023 02:33:43 GMT
Server
Tengine
ETag
RX72a9fcf6ec7143c6a59401927ececd2a005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
Content-Type
text/html
Connection
keep-alive
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=ebe04054-6d62-42bf-bdf5-ba912b945d84
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=ebe04054-6d62-42bf-bdf5-ba912b945d84
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
142563200
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=ebe04054-6d62-42bf-bdf5-ba912b945d84
access-control-allow-origin
*
date
Thu, 08 Jun 2023 02:33:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-BmRDi8NE2uH9Rdb9EUm8VqzS5kspX9RO~A
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-BmRDi8NE2uH9Rdb9EUm8VqzS5kspX9RO~A
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
197138658
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-BmRDi8NE2uH9Rdb9EUm8VqzS5kspX9RO~A
date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D&s=191740&C=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
179390536
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=568200899A48499D9AF846BF5A46F6A4&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%...
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=3847c52f-0a8e-3bbf-a4bc-700cb1fe6d7b
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=3847c52f-0a8e-3bbf-a4bc-700cb1fe6d7b
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
157020954
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Location
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=3847c52f-0a8e-3bbf-a4bc-700cb1fe6d7b
Date
Thu, 08 Jun 2023 02:33:42 GMT
Connection
close
Content-Length
118
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
services
uat-net.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=568200899A48499D9AF846BF5A46F6A4
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dsynacor%26bsw_param%3D34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2c146481-3e06-4900-8289-22511a19c681&expires=30&ssp=synacor&bsw_param=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent=
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
189508965
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Location
//uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
Date
Thu, 08 Jun 2023 02:33:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4&rurl=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D49%26...
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=5dfd8e5b522923d7&is_secure=true&networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4&rurl=https%3A%2F%2Fsync.technoratime...
  • https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAALvZ70u6BM7ANnCHsOAAAAAAA&expiration=1686278022&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAALvZ70u6BM7ANnCHsOAAAAAAA&expiration=1686278022&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
186890497
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAALvZ70u6BM7ANnCHsOAAAAAAA&expiration=1686278022&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
services
sync.technoratimedia.com/ Frame 59F7
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=568200899A48499D9AF846BF5A46F6A4&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3291932191455225000V10
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3291932191455225000V10
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
179390524
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 08 Jun 2023 02:33:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3291932191455225000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 08 Jun 2023 02:33:42 GMT
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame 59F7 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=568200899A48499D9AF846BF5A46F6A4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21838
services
sync.technoratimedia.com/ Frame 4BB4 		0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=1a7292d2-3111-48d0-aa7c-76c473f29503
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
199593024
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
sd
us-u.openx.net/w/1.0/ Frame 4BB4
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=3890e989-043c-4cad-b629-f3e5a320a5d4&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:7ae9487e1da890a20c2998098f12b890
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:7ae9487e1da890a20c2998098f12b890
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 08 Jun 2023 02:33:42 GMT
server
Aorta/20230525.b9caa956e
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:7ae9487e1da890a20c2998098f12b890
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
8e2cf6932f94
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 4BB4
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-EhXUP_Ayc0myCQTlAuRXw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4BB4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=2c146481-3e06-4900-8289-22511a19c681
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=2c146481-3e06-4900-8289-22511a19c681
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
MT3 933 7933424 master iad-pixel-x15 config_version:"981"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=2c146481-3e06-4900-8289-22511a19c681
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Jun 2023 02:33:41 GMT
sd
us-u.openx.net/w/1.0/ Frame 4BB4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=7f92afef-9364-4386-8150-dd0122f445b4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=7f92afef-9364-4386-8150-dd0122f445b4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=7f92afef-9364-4386-8150-dd0122f445b4
Date
Thu, 08 Jun 2023 02:33:42 GMT
Connection
keep-alive
X-CI-RTID
ce6f8051-ba48-48cd-92f1-45aa21ddbfd2
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 4BB4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 4BB4 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=2160ae90-0d41-4d64-8a5d-f072749e6ae9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 4BB4 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=09da5ee5-8e2c-4aaa-939b-a9aed0b15f8c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 4BB4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=72d8a20a-9b01-4683-9fc5-e8577e89ca3d
  • https://pippio.com/api/sync?pid=5324&it=1&iv=fbe365a26dff210189195752cfaf0fc7d340d788bee626f0d42495c5dd22b5fb791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmYmUzNjVhMjZkZmYyMTAxODkxOTU3NTJjZmFmMGZjN2QzNDBkNzg4YmVlNjI2ZjBkNDI0OTVjNWRkMjJiNWZiNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmYmUzNjVhMjZkZmYyMTAxODkxOTU3NTJjZmFmMGZjN2QzNDBkNzg4YmVlNjI2ZjBkNDI0OTVjNWRkMjJiNWZiNzkxNDI2YjU0MTdkY2UyMRAAGgwIhvyEpAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=8ee6b949-4b46-4379-beb8-acfbc8a9520c
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=8ee6b949-4b46-4379-beb8-acfbc8a9520c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=8ee6b949-4b46-4379-beb8-acfbc8a9520c
date
Thu, 08 Jun 2023 02:33:43 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 4BB4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4631962839502029404
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4631962839502029404
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a71802d1-3ea0-4da3-8ca2-23d6a6c4a26a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4631962839502029404
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4BB4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4002824441890281612&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4002824441890281612&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4002824441890281612&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 400F 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4563-YYZ
x-timer
S1686191622.493219,VS0,VE18
Pug
image2.pubmatic.com/AdServer/ Frame 0FB2
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266893378216
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266893378216
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 08 Jun 2023 02:33:42 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266893378216
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame F00B 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=814511A8-C31A-4637-B47D-25B872926F86&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 08 Jun 2023 02:33:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RR7R07TBXNSF8RH73A2E
Pug
image2.pubmatic.com/AdServer/ Frame 3F56
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBWllVN0pBbndBQUNCcTcyZE1BQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAZYU7JAnwAACBq72dMAA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAZYU7JAnwAACBq72dMAA&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAZYU7JAnwAACBq72dMAA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5249688979620387262&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAZYU7JAnwAACBq72dMAA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D5249688979620387262%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=5249688979620387262&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAZYU7JAnwAACBq72dMAA&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAZYU7JAnwAACBq72dMAA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 08 Jun 2023 02:33:43 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAZYU7JAnwAACBq72dMAA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2c146481-3e06-4900-8289-22511a19c681&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2c146481-3e06-4900-8289-22511a19c681&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 08 Jun 2023 02:33:42 GMT
Expires
Thu, 08 Jun 2023 02:33:41 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 933 7933424 master iad-pixel-x8 config_version:"981"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2c146481-3e06-4900-8289-22511a19c681&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 1169
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4631962839502029404&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4631962839502029404&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
117a5029-17f8-41e0-b96a-cc4cf6e82089
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Jun 2023 02:33:42 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4631962839502029404&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame D570
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e26abfe0-05a4-11ee-bade-24febccff229
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:86998ab2-67ac-4860-b5b1-c0e04acbcb2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:86998ab2-67ac-4860-b5b1-c0e04acbcb2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 08 Jun 2023 02:33:43 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:86998ab2-67ac-4860-b5b1-c0e04acbcb2d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
141
match.deepintent.com/usersync/ Frame 4AC4 		0
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 08 Jun 2023 02:33:41 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
image2.pubmatic.com/AdServer/ Frame EBCB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH
42 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 08 Jun 2023 02:33:42 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync.aspx
dis.criteo.com/dis/ Frame C99A 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 02:33:42 GMT
expires
Thu, 08 Jun 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
493013
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7100
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc072b6d-f6c5-4e02-a8d6-ad0fd77abb05&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc072b6d-f6c5-4e02-a8d6-ad0fd77abb05&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Thu, 08 Jun 2023 02:33:42 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 08 Jun 2023 02:33:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc072b6d-f6c5-4e02-a8d6-ad0fd77abb05&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Server
Kestrel
Pug
simage2.pubmatic.com/AdServer/ Frame 819F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Jun 2023 02:33:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame F1D1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6rjQHPZV1Q75t45&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:29601ca6-f1d9-4b30-843f-8161c2753544&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:29601ca6-f1d9-4b30-843f-8161c2753544&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 08 Jun 2023 02:33:43 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:29601ca6-f1d9-4b30-843f-8161c2753544&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 3588
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=788868412309
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=788868412309
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=788868412309
Pug
simage2.pubmatic.com/AdServer/ Frame 5834
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0eb2aef2-b7a7-465c-bd8c-dd115fa267c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0eb2aef2-b7a7-465c-bd8c-dd115fa267c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 08 Jun 2023 02:33:43 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0eb2aef2-b7a7-465c-bd8c-dd115fa267c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 2608
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 08 Jun 2023 02:33:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5671
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gUURqMMaRje0fSW4cpJvhg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=20338
accept-ranges
bytes
content-length
5554
expires
Thu, 08 Jun 2023 08:12:40 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 5671
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=814511A8-C31A-4637-B47D-25B872926F86
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Db7cac19b-b603-4e70-8c51-b566d7991c42%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4631962839502029404&pt=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4631962839502029404&pt=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d95885c1-eeaa-4c58-9ba1-c11d03f8b201
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4631962839502029404&pt=b7cac19b-b603-4e70-8c51-b566d7991c42%2C%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 5671 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=814511A8-C31A-4637-B47D-25B872926F86&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 5671
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=814511A8-C31A-4637-B47D-25B872926F86&vxii_pid=12&vxii_pid1=10067&vxii_rcid=a1fc2586-c334-45bf-a43e-de6f79a70405
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=814511A8-C31A-4637-B47D-25B872926F86&vxii_pid=12&vxii_pid1=10067&vxii_rcid=a1fc2586-c334-45bf-a43e-de6f79a70405
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
3.233.21.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-21-199.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 08 Jun 2023 02:33:42 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=814511A8-C31A-4637-B47D-25B872926F86&vxii_pid=12&vxii_pid1=10067&vxii_rcid=a1fc2586-c334-45bf-a43e-de6f79a70405
date
Thu, 08 Jun 2023 02:33:42 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODE0NTExQTgtQzMxQS00NjM3LUI0N0QtMjVCODcyOTI2Rjg2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl-y4BpPf148Kae20Mt1MM&google_cver=1
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl-y4BpPf148Kae20Mt1MM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOl-y4BpPf148Kae20Mt1MM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82
42 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 07 Jun 2023 02:33:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3786651659776497804&gdpr=0&gdpr_consent=&us_privacy=
1 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3786651659776497804&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3786651659776497804&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=
42 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=814511A8-C31A-4637-B47D-25B872926F86&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-r.G9Y8pE2uXKdoT3VaE7ORlC_Wh87UE-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-r.G9Y8pE2uXKdoT3VaE7ORlC_Wh87UE-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-r.G9Y8pE2uXKdoT3VaE7ORlC_Wh87UE-~A&gdpr=0
date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
814511A8-C31A-4637-B47D-25B872926F86
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5671 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/814511A8-C31A-4637-B47D-25B872926F86?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:ad8e:c57c:f41b:3e87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1277e1e5cb0723cb&is_secure=true&networkId=17100&version=1&nuid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMt2Bu-3RrPAMcPFOVAAAAAAA&expiration=1686278022&nuid=814511A8-C31A-4637-B47D-25B872926F86&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMt2Bu-3RrPAMcPFOVAAAAAAA&expiration=1686278022&nuid=814511A8-C31A-4637-B47D-25B872926F86&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMt2Bu-3RrPAMcPFOVAAAAAAA&expiration=1686278022&nuid=814511A8-C31A-4637-B47D-25B872926F86&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=87de3df3-e2af-46c9-a49e-b3655b72ede0&gdpr=0&gdpr_consent=
1 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=87de3df3-e2af-46c9-a49e-b3655b72ede0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=87de3df3-e2af-46c9-a49e-b3655b72ede0&gdpr=0&gdpr_consent=
Date
Thu, 08 Jun 2023 02:33:42 GMT
Connection
keep-alive
X-CI-RTID
07ecf741-b1ce-4f81-83d1-e9540c810c94
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5671 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.147.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-147-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907266893378216&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6df6bfba-8d99-4840-9353-a097ef652909&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6df6bfba-8d99-4840-9353-a097ef652909&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6df6bfba-8d99-4840-9353-a097ef652909&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 08 Jun 2023 02:33:43 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa35321c-afbf-49b0-82f9-ec4ad716d5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa35321c-afbf-49b0-82f9-ec4ad716d5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa35321c-afbf-49b0-82f9-ec4ad716d5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 08 Jun 2023 02:33:43 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sn.ashx
pmp.mxptint.net/ Frame 5671
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_103ECB19B_119C40225&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-369196406; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-369196406; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 5671
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8382746492207882041
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8d0f88b5-cb6c-4ff2-8062-04930aefb8da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8d0f88b5-cb6c-4ff2-8062-04930aefb8da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8d0f88b5-cb6c-4ff2-8062-04930aefb8da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 08 Jun 2023 02:33:43 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
rum
dsum-sec.casalemedia.com/ Frame 6D73
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b34041a6-af38-4471-a315-26c52a34e8cb&expiration=1688783622&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b34041a6-af38-4471-a315-26c52a34e8cb&expiration=1688783622&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b34041a6-af38-4471-a315-26c52a34e8cb&expiration=1688783622&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 6D73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPxJThdHQ-1MqKDY20i6EbY&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPxJThdHQ-1MqKDY20i6EbY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPxJThdHQ-1MqKDY20i6EbY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6D73 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
94WE93QXG8VA5FYY8H4S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6D73
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIE.BmLM1L.R1bfTJov76gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHalP-TlB5Qp47SPItJyJsc&google_cver=1&google_hm=2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHalP-TlB5Qp47SPItJyJsc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHalP-TlB5Qp47SPItJyJsc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 6D73
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=0a26c837-ae76-4667-85cc-15af33f4d392
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=0a26c837-ae76-4667-85cc-15af33f4d392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Thu, 08 Jun 2023 02:32:42 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=0a26c837-ae76-4667-85cc-15af33f4d392
cache-control
private,no-cache
content-length
222
expires
-1
ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6D73
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2600:1f18:4e9:5a05:ad8e:c57c:f41b:3e87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZIE-BmLM1L-R1bfTJov76gAAABkAAAAB
date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 6D73
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=e26abfe0-05a4-11ee-bade-24febccff229
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=e26abfe0-05a4-11ee-bade-24febccff229
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=e26abfe0-05a4-11ee-bade-24febccff229
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-4
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D73
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIE.BmLM1L.R1bfTJov76gAA%26025&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a909008d-e9c1-4430-b5d8-3fd77bd00b64-tuctb7ac386
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a909008d-e9c1-4430-b5d8-3fd77bd00b64-tuctb7ac386
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a909008d-e9c1-4430-b5d8-3fd77bd00b64-tuctb7ac386
date
Thu, 08 Jun 2023 02:33:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21862
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6D73 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIE.BmLM1L.R1bfTJov76gAA%26025
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Flele43kg.click%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
27481
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d3dbb498f68ab3d-YYZ
content-length
43
expires
Fri, 09 Jun 2023 02:33:42 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
21c1d2201d56a83c3101c60806f0b6516625ae35e1c9a88c90db8c09412febf5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
dcm
aax-eu.amazon-adsystem.com/s/ Frame B849 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V62542TTGFDGRY6C7WB7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B849
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ4oQeQ2IV7hf56oRoimHao&google_cver=1
42 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ4oQeQ2IV7hf56oRoimHao&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ4oQeQ2IV7hf56oRoimHao&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B849
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/p05fRzY7ZOhL2k3Vd9Vk9g?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Vr8KYKdE2oJVpxhEicUGdcmIWPZfkv4sPLYN0Q--~A
42 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Vr8KYKdE2oJVpxhEicUGdcmIWPZfkv4sPLYN0Q--~A
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Vr8KYKdE2oJVpxhEicUGdcmIWPZfkv4sPLYN0Q--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame B849
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=&expires=30
42 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b34041a6-af38-4471-a315-26c52a34e8cb&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame B849
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2YyYzNhMDllZmFhYmQ5MDY2OTk4Mzg3ZjFmMjAxZDA1MTk0YTk2OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2YyYzNhMDllZmFhYmQ5MDY2OTk4Mzg3ZjFmMjAxZDA1MTk0YTk2OA
Protocol
H3
Server
142.251.40.194 East White Plains, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2YyYzNhMDllZmFhYmQ5MDY2OTk4Mzg3ZjFmMjAxZDA1MTk0YTk2OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame B849
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMIYBWU-D-5ZWW
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMIYBWU-D-5ZWW
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DDB61CBFEBCA4E439F157083073785ED Ref B: YMQ01EDGE0809 Ref C: 2023-06-08T02:33:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9lRSzydLUyyR+Cmvj7w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMIYBWU-D-5ZWW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B849
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G9vHcm-IR-CF4JnSvrWU0A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G9vHcm-IR-CF4JnSvrWU0A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G9vHcm-IR-CF4JnSvrWU0A
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
199E8074XV1XDFVWS9EM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G9vHcm-IR-CF4JnSvrWU0A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B849
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNSVlCV1UtRC01WldX
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPvwwnTzfpr2kQzfV13sKu0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNSVlCV1UtRC01WldX&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNSVlCV1UtRC01WldX&google_push=
Protocol
H3
Server
142.251.40.194 East White Plains, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNSVlCV1UtRC01WldX&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
usync.html
eus.rubiconproject.com/ Frame 2227
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Jun 2023 02:33:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 08 Jun 2023 02:33:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
server-timing
ak_p; desc="1686191622633_389431368_79566607_9_437_21_0_255";dur=1
match
events-ssc.33across.com/ Frame 5BDE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4585e617-3341-4ca1-b1ef-309b2791d10e&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:43 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5BDE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686191622503.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
68 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
MT3 933 7933424 master iad-pixel-x9 config_version:"981"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Jun 2023 02:33:41 GMT
match
events-ssc.33across.com/ Frame 5BDE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5BDE
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=13e9b3f2147322b5&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMVJx7GF0CtQN8gqoHAAAAAAA&expiration=1686278022&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMVJx7GF0CtQN8gqoHAAAAAAA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMVJx7GF0CtQN8gqoHAAAAAAA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMVJx7GF0CtQN8gqoHAAAAAAA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5BDE
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=900646733431918560144
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
xuid
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b34041a6-af38-4471-a315-26c52a34e8cb&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=b34041a6-af38-4471-a315-26c52a34e8cb&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=b34041a6-af38-4471-a315-26c52a34e8cb&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAwNjQ2NzMzNDMxOTE4NTYwMTQ0
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnGk375HOAnMeTUAPsXqO0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnGk375HOAnMeTUAPsXqO0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnGk375HOAnMeTUAPsXqO0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4127
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAwNjQ2NzMzNDMxOTE4NTYwMTQ0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAwNjQ2NzMzNDMxOTE4NTYwMTQ0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.251.40.194 East White Plains, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAwNjQ2NzMzNDMxOTE4NTYwMTQ0
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 4127
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=900646733431918560144&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=900646733431918560144&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=900646733431918560144&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BA2DC1D1A8E148A983F79D3EC2E6D1D9 Ref B: YMQ01EDGE0809 Ref C: 2023-06-08T02:33:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9lRS1aIYWYY+hXwQP4A==

Redirect headers

date
Thu, 08 Jun 2023 02:33:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 692CB81BDE4B4A0CB71B363A3816B00F Ref B: YMQ01EDGE0809 Ref C: 2023-06-08T02:33:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/setuid?partner=tripleliftdbredirect&tlUid=900646733431918560144&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9lRSy3LQZBlg+8Om/Sg==
xuid
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=900646733431918560144&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4585e617-3341-4ca1-b1ef-309b2791d10e&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 08 Jun 2023 02:33:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 4127 		42 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=900646733431918560144&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
last-modified
Tue, 06 Jun 2023 17:34:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3BD7575CE84646FF954BBB46D04CD6E8 Ref B: YMQ01EDGE0608 Ref C: 2023-06-08T02:33:42Z
etag
"4729cb259d98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/900646733431918560144?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-DtAyErRE2oRruSfeEpgQr3Fx0M53k.SikaqYhXq.qA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-DtAyErRE2oRruSfeEpgQr3Fx0M53k.SikaqYhXq.qA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-DtAyErRE2oRruSfeEpgQr3Fx0M53k.SikaqYhXq.qA--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=liPiJbp-cuxdTIr1KPrS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NRUVA2KKMJYC2...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=liPiJbp-cuxdTIr1KPrS
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=liPiJbp-cuxdTIr1KPrS
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=liPiJbp-cuxdTIr1KPrS
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 4127
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4631962839502029404&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4631962839502029404&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
db4f02bb-b2e3-4c47-9ed5-bbc9a1234fa5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=4631962839502029404&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 4127 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=88&uid=900646733431918560144
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
180344179
access-control-allow-origin
https://eb2.3lift.com/
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame A897 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cdf7e002d5ca9f1084402203a4059e230cbdccf6b248a4fb6214780d513a785d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 11:55:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33704
Connection
keep-alive
Content-Length
10113
Expires
Thu, 08 Jun 2023 11:55:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 93F8
Redirect Chain
  • https://id.a-mx.com/usync?uid=1080a888-fdbd-4f30-873e-e8f15b92e8e7&gdpr_consent=
  • https://prebid.a-mo.net/cchain/0
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a95b8b6-7082-4b3b-9e2b-27c4642f34fd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a95b8b6-7082-4b3b-9e2b-27c4642f34fd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a95b8b6-7082-4b3b-9e2b-27c4642f34fd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 08 Jun 2023 02:33:43 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
setuid
prebid.a-mo.net/ Frame 93F8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=1080a888-fdbd-4f30-873e-e8f15b92e8e7&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=836f6ed5-e911-529f-a3a3-0b0ac722350d&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=0&gdpr_consent=&us_privacy=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 08 Jun 2023 02:33:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 93F8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1080a888-fdbd-4f30-873e-e8f15b92e8e7
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-iEl_BzRE2uGV4RzU3WbpqPLpTaqxpsV8im6l3YY-~A&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-iEl_BzRE2uGV4RzU3WbpqPLpTaqxpsV8im6l3YY-~A&gdpr=0
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-iEl_BzRE2uGV4RzU3WbpqPLpTaqxpsV8im6l3YY-~A&gdpr=0
date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 93F8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=LIMIYBWU-D-5ZWW&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LIMIYBWU-D-5ZWW&gdpr=0
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LIMIYBWU-D-5ZWW&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
cookie
cm.adform.net/ Frame 93F8 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dadform%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame 93F8
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%...
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=smartadserver&uid=5249688979620387262
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=smartadserver&uid=5249688979620387262
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=smartadserver&uid=5249688979620387262
date
Thu, 08 Jun 2023 02:33:42 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 93F8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4631962839502029404
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dpubmatic%26uid%3D814511A8-C31A-4637-B...
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=pubmatic&uid=814511A8-C31A-4637-B47D-25B872926F86
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=pubmatic&uid=814511A8-C31A-4637-B47D-25B872926F86
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=pubmatic&uid=814511A8-C31A-4637-B47D-25B872926F86
date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 93F8
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=index_rtb&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=index_rtb&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=index_rtb&uid=ZIE.BmLM1L.R1bfTJov76gAA%26025
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
prebid.a-mo.net/ Frame 93F8
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=sovrn&uid=Gx3ZbBZHkDR_nnX7RLOr2mvA
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=sovrn&uid=Gx3ZbBZHkDR_nnX7RLOr2mvA
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:41 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=sovrn&uid=Gx3ZbBZHkDR_nnX7RLOr2mvA
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 93F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1080a888-fdbd-4f30-873e-e8f15b92e8e7%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=appnexus&uid=4631962839502029404
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=appnexus&uid=4631962839502029404
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
705d1795-4158-4946-a9ee-68b3d31ffa0c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://prebid.a-mo.net/setuid?A=1080a888-fdbd-4f30-873e-e8f15b92e8e7&bidder=appnexus&uid=4631962839502029404
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 93F8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=1080a888-fdbd-4f30-873e-e8f15b92e8e7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:42 GMT
AN-X-Request-Uuid
bf2ef473-e93d-45cf-b99c-06e7535118b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 93F8 		86 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=1080a888-fdbd-4f30-873e-e8f15b92e8e7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
content-length
86
content-type
image/png
setuid
prebid-server.rubiconproject.com/ Frame 93F8 		86 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=1080a888-fdbd-4f30-873e-e8f15b92e8e7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.41.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-41-166.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Jun 2023 02:33:42 GMT
usync.html
eus.rubiconproject.com/ Frame DB94
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Jun 2023 02:33:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 08 Jun 2023 02:33:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
server-timing
ak_p; desc="1686191622795_389431368_79567424_13_664_20_0_255";dur=1
match
events-ssc.33across.com/ Frame DDB2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=06dd0459-939d-426d-8412-cf897203e0a1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame DDB2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-MOWWmuxE2uGLKmc6PqP7jzQ8ZugokZz_%7EA&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame DDB2
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=68a136e21ba7212c&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMu6PTwWw0mAMWn7lZAAAAAAA&expiration=1686278022&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMu6PTwWw0mAMWn7lZAAAAAAA&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMu6PTwWw0mAMWn7lZAAAAAAA&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMu6PTwWw0mAMWn7lZAAAAAAA&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame DDB2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=900646733431918560144
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=900646733431918560144&ts=1686191622&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
services
sync.technoratimedia.com/ Frame DDB2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1686191622647.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D...
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212179885728245
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212179885728245
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
182370057
access-control-allow-origin
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212179885728245
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame DDB2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686191622647.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Server
MT3 933 7933424 master iad-pixel-x4 config_version:"981"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2c146481-3e06-4900-8289-22511a19c681
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Jun 2023 02:33:41 GMT
services
uat-net.technoratimedia.com/ Frame A897
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&khaos=LIMIYBWU-D-5ZWW
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LIMIYBWU-D-5ZWW
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LIMIYBWU-D-5ZWW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
182111748
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LIMIYBWU-D-5ZWW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
usync.js
eus.rubiconproject.com/ Frame 2227 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cdf7e002d5ca9f1084402203a4059e230cbdccf6b248a4fb6214780d513a785d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 02:33:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 11:55:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33704
Connection
keep-alive
Content-Length
10113
Expires
Thu, 08 Jun 2023 11:55:26 GMT
369.json
id5-sync.com/g/v2/ 		595 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/b1ad8512-0208-404a-8bef-42066664235a/dfc06b84-7d75-47a0-b19f-3c65ab9977b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
90c85c9ad8651588701a337fd9c676c47072aee9b4a256ad218d25688ffb6291
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://lele43kg.click
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
match
events-ssc.33across.com/ Frame 2227
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LIMIYBWU-D-5ZWW
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LIMIYBWU-D-5ZWW
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIMIYBWU-D-5ZWW&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIMIYBWU-D-5ZWW&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIMIYBWU-D-5ZWW&ts=1686191623&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame DB94 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cdf7e002d5ca9f1084402203a4059e230cbdccf6b248a4fb6214780d513a785d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 02:33:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 11:55:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33703
Connection
keep-alive
Content-Length
10113
Expires
Thu, 08 Jun 2023 11:55:26 GMT
syncframe
gum.criteo.com/ Frame BD56 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lele43kg.click
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lele43kg.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 02:33:42 GMT
server
Kestrel
server-processing-duration-in-ticks
376464
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Jun 2023 02:33:43 GMT
sid
mug.criteo.com/ Frame BD56
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lele43kg.click&sn=ChromeSyncframe&so=0&topUrl=lele43kg.click&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=uvEncnxiZkpNeGFkenRZcE56R012ajBIVmV1eTQvQ2hxWlpHUExpZ0k1VVMwaWkvT0pscXFMRGRDaXZCdTQwMjRmemFQU2hWZFZoSTlCNXJFL2FKZHpQQWRlLzZpNnFpQjdiNG5zRUQzYXQwR2FDNXZBVG5TWW9yMHcrbF...
444 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uvEncnxiZkpNeGFkenRZcE56R012ajBIVmV1eTQvQ2hxWlpHUExpZ0k1VVMwaWkvT0pscXFMRGRDaXZCdTQwMjRmemFQU2hWZFZoSTlCNXJFL2FKZHpQQWRlLzZpNnFpQjdiNG5zRUQzYXQwR2FDNXZBVG5TWW9yMHcrbFAzM0kxajE3K1VDejlWR2treWlqMFcyM0tzZm5jeU93ZFlBQXBZTjBGd0V0MS81ZmlCVG5hbnFkcGZrNHZ3ZDNlZkhlMkZidUx3am5nM1g1a0hIVWppNG5yNEVXTk5GNlRBbEZMYlNkZU4xN3NDWFNWRnNkNXRpNVdQV2tLaElLa0U1YU0ydnV6cWcyd1g4ZkVGU2NJUmRTbWFsaFVGdz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
51f2731ac69c6df19292ba876b0fe1f08256f6098dc7c389a8698d4fe66e2207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2567108
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=uvEncnxiZkpNeGFkenRZcE56R012ajBIVmV1eTQvQ2hxWlpHUExpZ0k1VVMwaWkvT0pscXFMRGRDaXZCdTQwMjRmemFQU2hWZFZoSTlCNXJFL2FKZHpQQWRlLzZpNnFpQjdiNG5zRUQzYXQwR2FDNXZBVG5TWW9yMHcrbFAzM0kxajE3K1VDejlWR2treWlqMFcyM0tzZm5jeU93ZFlBQXBZTjBGd0V0MS81ZmlCVG5hbnFkcGZrNHZ3ZDNlZkhlMkZidUx3am5nM1g1a0hIVWppNG5yNEVXTk5GNlRBbEZMYlNkZU4xN3NDWFNWRnNkNXRpNVdQV2tLaElLa0U1YU0ydnV6cWcyd1g4ZkVGU2NJUmRTbWFsaFVGdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
673516
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame D5A2 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:43 GMT
AN-X-Request-Uuid
824c72e7-3cd8-4b64-9e9e-bf9d56333bb7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
40c1ddd3-f53e-4cc2-99cf-8551b04a81fa.js
product.instiengage.com/ceu-code/ Frame FA7F 		370 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/40c1ddd3-f53e-4cc2-99cf-8551b04a81fa.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/b1ad8512-0208-404a-8bef-42066664235a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:3000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e1181b39902ae448afb2f60edda18397ea1f22460a4008e6ff235a69fc7e39b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
uttAF0GqDGoe_tVvZbLEfwR24x4_xoAo
content-encoding
br
via
1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
date
Thu, 08 Jun 2023 02:29:53 GMT
last-modified
Wed, 07 Jun 2023 06:49:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
232
x-amz-server-side-encryption
AES256
etag
W/"50cb7515ea0128d4920ce773b423d451"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
Q8R5kMJ24YBbxbgE5EL4ptglo5OWpp1D7a10laoSgdvDZ7jLm-Xb5g==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=925427095&t=pageview&_s=1&dl=https%3A%2F%2Flele43kg.click%2F&dp=%2Fb1ad8512-0208-404a-8bef-42066664235a&ul=en-us&de=UTF-8&dt=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAQCAGAAIAB~&jid=1831125052&gjid=1387682180&cid=721314313.1686191619&tid=UA-123718506-11&_gid=897224393.1686191619&_r=1&_slc=1&z=481520584
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lele43kg.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame FA7F 		230 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/40c1ddd3-f53e-4cc2-99cf-8551b04a81fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.37.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-37-79.compute-1.amazonaws.com
Software
/
Resource Hash
d7112c31b1f0ef0b5ea9e9eaf35a1dc4f70eb55c3f2a20a97f2bfccc4577c489

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:44 GMT
access-control-allow-credentials
true
x-database-date
Wed, 07 Jun 2023 13:33:31 GMT
content-length
230
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame FA7F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:6400:17:5bae:c7c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
T2IjPTIo4qchLnC2G3GrIcEa98kcWaxz
date
Thu, 08 Jun 2023 02:31:36 GMT
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
last-modified
Wed, 13 Jul 2022 16:30:10 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
age
129
etag
"591958545714b5567fc57c2f4c215b1c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
REPLICA
accept-ranges
bytes
content-length
3973
x-amz-cf-id
jqWp4-fZ8RSKHgcXMY1i30duxRnADHDaNqQT1TvKsuvN6ke9SYJxgQ==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame FA7F 		649 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:6400:17:5bae:c7c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
date
Thu, 08 Jun 2023 02:33:10 GMT
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
age
37
etag
"b673377b664a0b33454c267d911fcfc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
649
x-amz-cf-id
iiHLAx-BVzk0C1-pr0pbHcbogtXXt6DaoITT_ILb1OGSWQ_z9FX6EA==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame FA7F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:6400:17:5bae:c7c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
date
Thu, 08 Jun 2023 02:30:57 GMT
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
age
168
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4833
x-amz-cf-id
5aqnI8-cMpQnyKlK9TTf9OXj3MzA-JfNYplpDtvfSO96nP8V9rd78g==
contents
cms.instiengage.com/v3/ Frame FA7F 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=40c1ddd3-f53e-4cc2-99cf-8551b04a81fa&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/40c1ddd3-f53e-4cc2-99cf-8551b04a81fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.37.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-37-79.compute-1.amazonaws.com
Software
/
Resource Hash
236fbed5ec345b8aa7279f6e04d22f76a5064e35f62429879acebecac4139a02

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://lele43kg.click
date
Thu, 08 Jun 2023 02:33:44 GMT
access-control-allow-credentials
true
content-length
19114
vary
Origin
content-type
application/json
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-123718506-11&cid=721314313.1686191619&jid=1831125052&gjid=1387682180&_gid=897224393.1686191619&_u=aGDAAUABAAQCAGAAIAB~&z=756361509
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lele43kg.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 08 Jun 2023 02:33:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lele43kg.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-123718506-11&cid=721314313.1686191619&jid=1831125052&_u=aGDAAUABAAQCAGAAIAB~&z=925694353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-123718506-11&cid=721314313.1686191619&jid=1831125052&_u=aGDAAUABAAQCAGAAIAB~&z=925694353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lele43kg.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5671 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 02:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
e40eac7a-7f7b-4cdd-8829-f21384ce0e22
static.instiengage.com/client_images/fafaff06-d46c-4dfe-8eaa-a2d1e0de5400/ Frame FA7F 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/client_images/fafaff06-d46c-4dfe-8eaa-a2d1e0de5400/e40eac7a-7f7b-4cdd-8829-f21384ce0e22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:6400:17:5bae:c7c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d34497b0307b427413bf8f162dbed83f28e8657ee863bf57fdb92b861f2dc2a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
dTKPcCMXJyVyfcioIOzVHdVV8pS8r86W
date
Thu, 08 Jun 2023 02:33:45 GMT
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2023 09:15:46 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
x-amz-server-side-encryption
AES256
etag
"ca0bf6d631f06b976d87b5c62f797e29"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
accept-ranges
bytes
content-length
159598
x-amz-cf-id
jdiuBeQ6MFnrtUQUBoeVRFLCYoyfJ7WQiCfFSDXhwWSMIhrZg3JnZA==
PugMaster
image6.pubmatic.com/AdServer/ Frame EB7A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99131282&p=156344&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
de64537041e8ff0b4acea4f79da71cba61d5510f6540f84426094f690388c3c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 08 Jun 2023 02:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
s.tribalfusion.com/z/ Frame 29CC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d3dbb5bee26ece6-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d3dbb5b2d01ece6-YUL
content-type
text/html
date
Thu, 08 Jun 2023 02:33:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
11
Pug
simage2.pubmatic.com/AdServer/ Frame 49E9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7394731546
  • https://sync.1rx.io/usersync/tradedesk/b34041a6-af38-4471-a315-26c52a34e8cb
  • https://sync.targeting.unrulymedia.com/csync/RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 08 Jun 2023 02:33:45 GMT
ETag
RX72a9fcf6ec7143c6a59401927ececd2a005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
image2.pubmatic.com/AdServer/ Frame 97BE
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=h5DgE261CqKl5rguCj6BZA
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=h5DgE261CqKl5rguCj6BZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:46 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=h5DgE261CqKl5rguCj6BZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 35B1 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 08 Jun 2023 02:33:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame FA54
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cdeb25d2-bd1d-401c-8cb5-5c9394554111
1 B
73 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cdeb25d2-bd1d-401c-8cb5-5c9394554111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 08 Jun 2023 02:33:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cdeb25d2-bd1d-401c-8cb5-5c9394554111
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame 6878 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 08 Jun 2023 02:33:45 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-f969bb5ebd91@version_1.553
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 4039 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 08 Jun 2023 02:33:45 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 15BE
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7394780251444984451&uid=Q739478025144498...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7394780251444984451
42 B
119 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7394780251444984451
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 08 Jun 2023 02:33:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=21147
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 08 Jun 2023 02:33:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7394780251444984451
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Server-Timing
ak_p; desc="1686191625574_389431434_249070620_9_364_17_18_-";dur=1
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame E4F6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82&gdpr=0&gdpr_consent=
1 B
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 02:33:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 08 Jun 2023 02:33:45 GMT
expires
Wed, 07 Jun 2023 02:33:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C32E470096D84A26A5A2953E26E1FE82&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
services
sync.technoratimedia.com/ Frame CF89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=$UID$
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://ads.pubmatic.com/
age
0
date
Thu, 08 Jun 2023 02:33:45 GMT
server
nginx
via
1.1 varnish
x-varnish
189444390
sd
us-u.openx.net/w/1.0/ Frame EB7A 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame EB7A 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.26.99 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 02:33:45 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame EB7A 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.121.56 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 08 Jun 2023 02:33:45 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame EB7A 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=814511A8-C31A-4637-B47D-25B872926F86&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.67.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 02:33:45 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
e44de670-05a4-11ee-8a08-02cb68868889
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-07e9a5417781fdb35
/
lele43kg.click/tncms/access/rules/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lele43kg.click/tncms/access/rules/
Requested by
Host: lele43kg.click
URL: https://lele43kg.click/shared-content/art/tncms/api/access.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business63-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lele43kg.click/
X-TNCMS-Access-Version
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 02:33:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
content-length
1238
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lele43kg.click
URL
https://lele43kg.click/css?family=Droid+Serif:300,400,600,700|Open+Sans:400,700,600&display=swap
Domain
www.lafourchegazette.com
URL
https://www.lafourchegazette.com/tncms/search/mlt/?origin=aa313dd6-abd9-11ed-b21d-275b1b45dd17&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube
Domain
assets.a-mo.net
URL
https://assets.a-mo.net/js/c.js
Domain
assets.a-mo.net
URL
https://assets.a-mo.net/js/c.js
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/pixel?tag=wt_Rk5ELXdpOHdpeFVjTkJ6TDhhM3J5OXltOGhjL2FteDozMDB4MjUw&v=5&s=v31h2cdkf18&id=eyJwcmViaWQiOnsiYWRJZCI6IjQ0YjkzNzc3NWVhZGFlNSIsImNwbSI6MC4wMDg1NTI0ODE1NDQ0MDg4ODEsInMiOiJkaXYtaW5zdGljYXRvci1hZC0xIiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjphbXg7NDE0NDU5MjQ5IiwiYWRvbWFpbiI6InlhaG9vLmNvbSJ9&cb=3536351&h=lele43kg.click&d=eyJ3aCI6IlJrNUVMWGRwT0hkcGVGVmpUa0o2VERoaE0zSjVPWGx0T0doakwyRnRlRG96TURCNE1qVXciLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJhbXgiXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/pixel?tag=wt_Rk5ELXdpOHdpeFVjTkJ6TDhhM3J5OXltOGhjL2FteDozMDB4MjUw&v=5&s=v31h2cdkf2a&id=eyJwcmViaWQiOnsiYWRJZCI6IjQ1NDUxMWE4NWU3Yjg5ZiIsImNwbSI6MC4wMDk0MDc3Mjk2OTg4NDk3NywicyI6ImRpdi1pbnN0aWNhdG9yLWFkLTIiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmFteDs0MTQ0NTkyNDkiLCJhZG9tYWluIjoieWFob28uY29tIn0%3D&cb=2430398&h=lele43kg.click&d=eyJ3aCI6IlJrNUVMWGRwT0hkcGVGVmpUa0o2VERoaE0zSjVPWGx0T0doakwyRnRlRG96TURCNE1qVXciLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJhbXgiXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=88

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer object| _cc16192 object| LOTCC object| TNCMS function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o object| googletag object| gptAdSlots function| pageLoaded number| TNCMS_DotConnect_Tile object| TNCMS_Used_Ad boolean| TNCMS_PAGE_LOADED object| oReq object| aTemp string| sTemp string| regionType object| maillist_signup_config function| TNStats_Tracker object| TNTracker string| adType boolean| bFoundOrigin string| sOriginID string| sOriginURL object| sFirstID boolean| bFirstRun boolean| bShowAd boolean| bInfiniStop string| sInfinityType object| displayedRegions function| populateInfinitySet object| infWaypoint object| infinityContainer function| infinityAd function| scrubURL function| articleShareSticky object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| carouselInit_aa313dd6_abd9_11ed_b21d_275b1b45dd17_photo_modal function| copyLink function| withinviewport string| sMode_1088982 number| iAttempt number| iMaxAttempt boolean| bDmpTrack string| sImpressionPx object| socialReferrers string| referrer function| getRecommendations_1088982 function| shuffle_1088982 function| trackImpression object| tncms_aud object| Insticator undefined| hashSet undefined| urlHash undefined| data undefined| param undefined| dmpData object| analytics object| gaplugins object| _taboola object| ggeac object| google_js_reporting_queue object| insticatorCommentingUnitSettings object| settings object| federatedObj object| instBid object| confiant object| InsticatorXmess object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| TRC object| _tblConsole undefined| msg object| _comscore object| instBidChunk object| _pbjsGlobals object| Criteo object| InsticatorApp string| insticatorHeaderCodeVersion boolean| isPageviewSent object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| gaGlobal object| gaData undefined| google_measure_js_timing function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id undefined| trc_item_url object| TRCImpl number| taboola_view_id object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| COMSCORE object| ns_p string| sUserId object| _mNDetails number| lnt_z object| GoogleGcLKhOms object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132

227 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1686191622329
.3lift.com/sync Name: sync
Value: CgoIoQEQ9ZLpxokxCgoI4gEQ9ZLpxokxCgoI5gEQ9ZLpxokxCgoIhwIQ9ZLpxokxCgkICRD1kunGiTEKCQg6EPWS6caJMQoJCAsQ9ZLpxokxCgoIjAIQ9ZLpxokxCgkIXxD1kunGiTEKCQgfEPWS6caJMQ==
lele43kg.click/ Name: plsVisitorGeo
Value: CA
lele43kg.click/ Name: plsVisitorCity
Value: Quebec
lele43kg.click/ Name: instiPubProvided
Value: e2f37a80-a919-4a5a-bb27-19a46c7b2fcc
lele43kg.click/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.lele43kg.click/ Name: _pubcid
Value: f4b2e235-ffc1-4f14-9a6a-a04c23359818
lele43kg.click/ Name: plsVisitorIp
Value: 149.56.153.184
.lele43kg.click/ Name: InstiSession
Value: eyJpZCI6IjFmNzI3YjY2LTlkOTctNDYwYS05MTk4LTUzM2I0NzQ5NDliZiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.openx.net/ Name: i
Value: f4b2e235-ffc1-4f14-9a6a-a04c23359818|1686191618
.lijit.com/ Name: ljt_reader
Value: Gx3ZbBZHkDR_nnX7RLOr2mvA
.lele43kg.click/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: OkD6KCdmh_BQUvb_UV4sfwVbbCcZSoDbKb_tnWwKCBO6HBs9VsZZfbyEEstj6rZa4hNJeODTsrRyrpDalL1a_rdRipBZ-W2arPu1ZvSLcHEqa9jqS-Y2Xw
.lele43kg.click/ Name: _ga
Value: GA1.2.721314313.1686191619
.lele43kg.click/ Name: _gid
Value: GA1.2.897224393.1686191619
.lele43kg.click/ Name: _dc_gtm_UA-54716522-7
Value: 1
.gumgum.com/ Name: vst
Value: u_f4a778f1-d736-425b-91f4-c298444b4d15
.lele43kg.click/ Name: _gat_UA-158134568-1
Value: 1
.rubiconproject.com/ Name: khaos
Value: LIMIYBWU-D-5ZWW
.go.sonobi.com/ Name: __uis
Value: d9412701-94e5-4cdb-9ec1-9bc534e67e66
.go.sonobi.com/ Name: _usd_lele43kg.click
Value: dc454970-901a-4685-818a-1fd964f32d25
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 58655586691080946
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 58655586691080946
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 58655586691080946
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 58655586691080946
.go.sonobi.com/ Name: HAPLB8A
Value: s85128|ZIE+B
.adnxs.com/ Name: icu
Value: ChgItO9fEAoYASABKAEwgvyEpAY4AUABSAEQgvyEpAYYAA..
.adnxs.com/ Name: uuid2
Value: 4631962839502029404
.technoratimedia.com/ Name: tads_uid
Value: 568200899A48499D9AF846BF5A46F6A4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331110957+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.scorecardresearch.com/ Name: UID
Value: 12A12e4a391ac409db2ef411686191619
.lele43kg.click/ Name: __gads
Value: ID=1e74e33e5c2fa27c:T=1686191618:RT=1686191618:S=ALNI_MaqjPSk20955tuN-NsG_MScPGv6kg
.lele43kg.click/ Name: __gpi
Value: UID=00000c455f47facc:T=1686191618:RT=1686191618:S=ALNI_MbSOI0uGfpEITv-9G_E5fCM0ha6JA
.prebid.a-mo.net/ Name: __amc
Value: 1_1686191618_1686191618
.a-mo.net/ Name: amuid2
Value: 1080a888-fdbd-4f30-873e-e8f15b92e8e7
.prebid.a-mo.net/ Name: sd_amuid2
Value: 1080a888-fdbd-4f30-873e-e8f15b92e8e7
.lele43kg.click/ Name: ajs_anonymous_id
Value: f1c6d86b-be1d-4274-a5fc-e513d5020f0b
.media.net/ Name: visitor-id
Value: 3291932191455225000V10
.doubleclick.net/ Name: IDE
Value: AHWqTUnVDPKIEadn_GD4YNBgq7MyCXmPYoNvE5re4ep9L8tRdFctd3GXnvE9AwGXEv8
.media.net/ Name: data-g
Value: CAESEKMg7ZYilO8UhqGPNrUblU0~~10
.csync.loopme.me/ Name: viewer_token
Value: 2bf58bee-ca3b-40ab-8e31-dd6b0cdc5d38
.media.net/ Name: data-lop
Value: 2bf58bee-ca3b-40ab-8e31-dd6b0cdc5d38~~1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 20a2286ca93708e6ee003e4f2197572f
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDJINDKyMEtOtDQ2N7BINUtNNTAwTjVJMzK0NDc1N0pjAIKURjsWEA0BIqc%2F9MkxHqhj%2BM%2FIyLCwfZI2jN21fQJcfMsxBPtDw0S4%2BLn9k%2BDss8cRanYcQbC7zyDYmy4h7Hry4qMuzK5zRw8xw9g%2FNk5hgbF377ssAGMfXjwHLr56%2FVNumHjDo98GMPbkE%2Bow5rslCOXPkLQCAEP%2BYoc%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIabRjAVIQwMzArLELxOQ55AGiGNfNB5IASrEEdA%3D%3D"
.agkn.com/ Name: ab
Value: 0001%3ATpqDOZT91CU%2B7a2UqF6Jy1L0DpvmZ5YI
lele43kg.click/ Name: _lr_retry_request
Value: true
lele43kg.click/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: b34041a6-af38-4471-a315-26c52a34e8cb
lele43kg.click/ Name: pbjs-unifiedid
Value: %5Bobject%20Object%5D
.tapad.com/ Name: TapAd_TS
Value: 1686191622242
.tapad.com/ Name: TapAd_DID
Value: b7cac19b-b603-4e70-8c51-b566d7991c42
.intentiq.com/ Name: intentIQCDate
Value: 1686191622250
.intentiq.com/ Name: IQver
Value: 1.9
.openx.net/ Name: univ_id
Value: 537072971|b34041a6-af38-4471-a315-26c52a34e8cb|1686191622264096
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzIDUsbG5hZGhmZCfIa6QaXZjlXmxqnBXrmuALGewLUkAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzIDUsbG5hZGhmZCfIa6QaXZjlXmxqnBXrmuALGewLUkAAAA
.technoratimedia.com/ Name: tads_ipv6
Value: 2607:5300:60:7867::14
.33across.com/ Name: 33x_ps
Value: u%3D212179885728245%3As1%3D1686191622271%3Ats%3D1686191622271
.mathtag.com/ Name: uuid
Value: 2c146481-3e06-4900-8289-22511a19c681
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: tuuid
Value: 34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
.bidswitch.net/ Name: c
Value: 1686191622
.bidswitch.net/ Name: tuuid_lu
Value: 1686191622
.go.sonobi.com/ Name: __uir_td
Value: 58655599575982837
.go.sonobi.com/ Name: __uin_td
Value: b34041a6-af38-4471-a315-26c52a34e8cb
.yahoo.com/ Name: A3
Value: d=AQABBAY-gWQCELkSEcTmAfKECzSz_-1IXRUFEgEBAQGPgmSLZAAAAAAA_eMAAA&S=AQAAAj-wht7aUwWqEiR1VR3VFH4
.go.sonobi.com/ Name: __uir_eb
Value: 58655599575982837
.go.sonobi.com/ Name: __uin_eb
Value: CAESEFAlpnFkYuJ-fSN2ya4z7mQ||1
.contextweb.com/ Name: V
Value: b3OwQ2zeK7XC
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 96668a3efa1d94ca
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZIE_BgAAAVBsyQAD
.openx.net/ Name: pd
Value: v2|1686191622|mmiKbwuYvPvMeSgahEgKkWwrg2f8kegy
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.go.sonobi.com/ Name: __uir_zt
Value: 58655603870950134
.go.sonobi.com/ Name: __uin_zt
Value: 968907266893378216
.go.sonobi.com/ Name: __uir_mm
Value: 58655599575982837
.go.sonobi.com/ Name: __uin_mm
Value: 2c146481-3e06-4900-8289-22511a19c681
.go.sonobi.com/ Name: HAPLB8S
Value: s87156|ZIE+C
.go.sonobi.com/ Name: __uir_yh
Value: 58655599575982837
.go.sonobi.com/ Name: __uin_yh
Value: y-hirM3MxE2uHKwUjao0aYPXGegQculCfLsDZCDx0-~A
.taboola.com/ Name: t_gid
Value: a909008d-e9c1-4430-b5d8-3fd77bd00b64-tuctb7ac386
.media.net/ Name: data-sy
Value: 568200899A48499D9AF846BF5A46F6A4~~3
.amazon-adsystem.com/ Name: ad-id
Value: Az6OUfJeH0wXuMtSl6NvEu0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 814511A8-C31A-4637-B47D-25B872926F86
.pubmatic.com/ Name: DPSync3
Value: 1687392000%3A201_263_262%7C1686787200%3A248
.casalemedia.com/ Name: CMID
Value: ZIE.BmLM1L.R1bfTJov76gAA
.casalemedia.com/ Name: CMPS
Value: 025
.casalemedia.com/ Name: CMPRO
Value: 025
.technoratimedia.com/ Name: tads_uidp_77
Value: GycrulTaFCHCYDGbETvtMbP7Q478E2XAnSXvLNYBseo
.technoratimedia.com/ Name: tads_uidp_45
Value: BAD6476E-515C-40EF-942D-693B9AD99B7D
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_64
Value: ImqXCjB90sHQHFSNiGF93bQv5TpJoAIu
.tynt.com/ Name: uid
Value: QxvX/GSBPgYDYEPCHe6ztQ==
.3lift.com/ Name: tluid
Value: 900646733431918560144
.id5-sync.com/ Name: callback
Value:
.360yield.com/ Name: tuuid
Value: ebe04054-6d62-42bf-bdf5-ba912b945d84
.360yield.com/ Name: tuuid_lu
Value: 1686191622
.aralego.com/ Name: sspid
Value: 3847c52f-0a8e-3bbf-a4bc-700cb1fe6d7b
.bidr.io/ Name: bitoIsSecure
Value: ok
.rlcdn.com/ Name: pxrc
Value: CIb8hKQGEgUI6EcQAA==
.go.sonobi.com/ Name: __uir_pp
Value: 58655599575982837
.go.sonobi.com/ Name: __uin_pp
Value: b3OwQ2zeK7XC
.ipredictive.com/ Name: cu
Value: 7f92afef-9364-4386-8150-dd0122f445b4|1686191622628
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EP4BCwGXKfijAA
.quantserve.com/ Name: mc
Value: 64813e06-9be58-cf2f5-25560
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4263f094-4c93-5e85-50c1-1c0d9b792ac7.6veRiwMdvX1eLcDKh3Jx5CkLvKtYSAw3pMxIhVgpop8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AQmPwlEyTXoVQwRwNm3kqx5U4mbg.tv35rrHUS9W%2BVxBgR8UpBvc5WgXFKoaeeRRWVDgjG0s
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AQmPwlEyTXoVQwRwNm3kqx5U4mbg.tv35rrHUS9W%2BVxBgR8UpBvc5WgXFKoaeeRRWVDgjG0s
.go.sonobi.com/ Name: __uir_bw
Value: 58655599575982837
.go.sonobi.com/ Name: __uin_bw
Value: 34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
.deepintent.com/ Name: CDIUSER
Value: di_20ede75b49b248548a700
.w55c.net/ Name: wfivefivec
Value: 6rjQHPZV1Q75t45
.bidr.io/ Name: bito
Value: AAAZYU7JAnwAACBq72dMAA
.acuityplatform.com/ Name: auid
Value: 788868412309
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRCYbJE+cmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUQmGyRPnI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.sitescout.com/ Name: ssi
Value: e9fea58d-d953-402c-966e-3a51d9f8767b#1686191622644
.adgrx.com/ Name: ADGRX_UID
Value: e26abfe0-05a4-11ee-bade-24febccff229
.mxptint.net/ Name: mxpim
Value: R33646_103ECB19B_119C40225.1.000000000000000064813E06
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3_CHJt4BQgBXyr-d3M4nQm1J7sKREFqCI6_0_3Pnhyt4XAuImr2mp1q5JQC4TM1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1686191622647%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1686191622647%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1686191622647%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1686191622647%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1686191622647%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1686191622647%7D%5D
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b34041a6-af38-4471-a315-26c52a34e8cb&KRTB&22918-b34041a6-af38-4471-a315-26c52a34e8cb&KRTB&23031-b34041a6-af38-4471-a315-26c52a34e8cb
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4631962839502029404&KRTB&23339-4631962839502029404
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2c146481-3e06-4900-8289-22511a19c681&KRTB&16736-uid:2c146481-3e06-4900-8289-22511a19c681&KRTB&23019-uid:2c146481-3e06-4900-8289-22511a19c681&KRTB&23114-uid:2c146481-3e06-4900-8289-22511a19c681
.simpli.fi/ Name: suid
Value: C32E470096D84A26A5A2953E26E1FE82
.turn.com/ Name: uid
Value: 3858709253814425740
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2Hc!Y`sZP!1yIE'Yg-$<5F@jf]Iy-Z1..KDCB25DE33ZT-HaZT'NS)GPQ.R[lifhEs`[HFu@DuG.ir/Zj%4*#DIgl#Xsg:wyfHo
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMTA4MGE4ODgtZmRiZC00ZjMwLTg3M2UtZThmMTViOTJlOGU3IiwiZXhwaXJlcyI6IjIwMjMtMDktMDZUMDI6MzM6NDJaIn19LCJiaXJ0aGRheSI6IjIwMjMtMDYtMDhUMDI6MzM6NDJaIn0=
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFmaGloZmRkbmK4ShSJb2RmAABez_3HIAAAAA
.bing.com/ Name: MUID
Value: 3FFD9D80F13064861FEA8EAAF00B6593
.c.bing.com/ Name: MR
Value: 0
.zemanta.com/ Name: zuid
Value: liPiJbp-cuxdTIr1KPrS
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: pi
Value: 158355:3
.pubmatic.com/ Name: SPugT
Value: 1686191622
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:C32E470096D84A26A5A2953E26E1FE82&KRTB&23489-uid:C32E470096D84A26A5A2953E26E1FE82
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEOl-y4BpPf148Kae20Mt1MM&KRTB&22987-CAESEOl-y4BpPf148Kae20Mt1MM&KRTB&23025-CAESEOl-y4BpPf148Kae20Mt1MM&KRTB&23386-CAESEOl-y4BpPf148Kae20Mt1MM
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH&KRTB&19420-nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH&KRTB&22979-nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH&KRTB&23462-nhqU2ZtLnN6FF86NnRaBi84cyt2FHJndnh45KPhH
.adform.net/ Name: uid
Value: 8382746492207882041
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-QmPwlEyTXoVQwRwNm3kqx5U4mbg&KRTB&23334-QmPwlEyTXoVQwRwNm3kqx5U4mbg&KRTB&23417-QmPwlEyTXoVQwRwNm3kqx5U4mbg&KRTB&23426-QmPwlEyTXoVQwRwNm3kqx5U4mbg
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-788868412309&KRTB&23428-788868412309
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_103ECB19B_119C40225&KRTB&23092-R33646_103ECB19B_119C40225
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-87de3df3-e2af-46c9-a49e-b3655b72ede0&KRTB&23011-87de3df3-e2af-46c9-a49e-b3655b72ede0&KRTB&23355-87de3df3-e2af-46c9-a49e-b3655b72ede0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3786651659776497804&KRTB&23150-3786651659776497804
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMt2Bu-3RrPAMcPFOVAAAAAAA&KRTB&22713-AAAMt2Bu-3RrPAMcPFOVAAAAAAA&KRTB&22715-AAAMt2Bu-3RrPAMcPFOVAAAAAAA
.smartadserver.com/ Name: pid
Value: 5249688979620387262
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 68a136e21ba7212c
.thrtle.com/ Name: mc
Value: eyJpZCI6ImExZmMyNTg2LWMzMzQtNDViZi1hNDNlLWRlNmY3OWE3MDQwNSIsImwiOjE2ODYxOTE2MjI3OTcsInQiOjF9
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "1991~2c3e:18yi~2c3e:175w~2c3e:196y~2c3e:190u~2c3e"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4NjE5MTYyMjc5Mn0
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.linkedin.com/ Name: li_sugr
Value: be423f0d-f8ab-4357-be84-0766cea2f013
.a-mx.com/ Name: amuid2
Value: 1080a888-fdbd-4f30-873e-e8f15b92e8e7
.pippio.com/ Name: did
Value: 7vie4u4F3UmylmYm
.pippio.com/ Name: didts
Value: 1686191622
.pippio.com/ Name: nnls
Value:
.linkedin.com/ Name: bcookie
Value: "v=2&83f74058-ce49-4ca1-8ddf-fa3694681519"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2671:u=1:x=1:i=1686191622:t=1686278022:v=2:sig=AQEjkFMGOqTT0yXq93wY7_wGbJE6ZX9e"
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-968907266893378216
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3818
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8382746492207882041&KRTB&23263-8382746492207882041&KRTB&23481-8382746492207882041
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-814511A8-C31A-4637-B47D-25B872926F86&KRTB&23413-814511A8-C31A-4637-B47D-25B872926F86&KRTB&23479-814511A8-C31A-4637-B47D-25B872926F86
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:6rjQHPZV1Q75t45&KRTB&23421-uid:6rjQHPZV1Q75t45
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-e26abfe0-05a4-11ee-bade-24febccff229&KRTB&23275-e26abfe0-05a4-11ee-bade-24febccff229
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMTA4MGE4ODgtZmRiZC00ZjMwLTg3M2UtZThmMTViOTJlOGU3IiwiZXhwaXJlcyI6IjIwMjMtMDYtMjJUMDI6MzM6NDIuOTE4MDg4NDYzWiJ9fSwiYmRheSI6IjIwMjMtMDYtMDhUMDI6MzM6NDIuOTE4MDY4NDA4WiJ9
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAZYU7JAnwAACBq72dMAA
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341&KRTB&23418-e9fea58d-d953-402c-966e-3a51d9f8767b-64813e06-4341
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.sportradarserving.com/ Name: c
Value: 1686191622
.sportradarserving.com/ Name: zuuid
Value: 4585e617-3341-4ca1-b1ef-309b2791d10e
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-34fc4e7e-61ca-4a1c-8c00-8163ebcd2e1d
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1l19|4is.0.CAESEMzT4vzL4RhKrP0q8CGpNjQ|7LJ.0.d9412701-94e5-4cdb-9ec1-9bc534e67e66|7dN.0.AAAZYU7JAnwAACBq72dMAA
.id5-sync.com/ Name: id5
Value: 7fce22d6-a933-7bba-8cdc-8070d7acf01b#1686191622517#3
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPpYNXbg+Siaxe1WuCoMxA8a+JUixCbOKdqrcd0du2tcB9Jt7+udRuX7kyPg6bDyrynurFsVueM/GeBxGCOXoSK1Y+Y6eoMfBQzc6UO785F0Pw==
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjEwODBhODg4LWZkYmQtNGYzMC04NzNlLWU4ZjE1YjkyZThlNyIsImV4cGlyZXMiOiIyMDIzLTA2LTIyVDAyOjMzOjQzLjAwNTM1MTc0OFoifSwicnViaWNvbiI6eyJ1aWQiOiJMSU1JWUJXVS1ELTVaV1ciLCJleHBpcmVzIjoiMjAyMy0wNi0yMlQwMjozMzo0My4wMDQ5MzY2MVoifX0sImJkYXkiOiIyMDIzLTA2LTA4VDAyOjMzOjQzLjAwNDkzNTEyMVoifQ==
ads.playground.xyz/ Name: connect.sid
Value: s%3AQ-322Pybw-zpoHSldGVCrptux_fZECes.KtqzDb0PcLY40fr77d2vs3bQjUXL1rp3jAfSXSxaG%2FY
.pubmatic.com/ Name: SyncRTB3
Value: 1687046400%3A63%7C1687478400%3A35%7C1687392000%3A231_104_46_22_8_56_3_250_81_204_54_249_234_240_5_178_7_233_48_165_71_13_21_220_166_55%7C1686787200%3A2_15_223%7C1688774400%3A224
.sportradarserving.com/ Name: zuuid_lu
Value: 1686191623
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1686191623
.bluekai.com/ Name: bku
Value: ikG999zIQVEDDLyl
.bluekai.com/ Name: bkpa
Value: KJyWyB2r3M9R9wY73U5cMN2kfLRLPFhvYXPi3NerIJKBi1TDumSK4gdPtWd5YrCbIdfH+frCNftL7dISISKNy32MfzlY5tlF5NdE2OyJlHB99kiFh2KMV48t2IGhPzFZI6T98fcpTIFHW1ObZn+qNHw9oC3srZorOJOxq9ABDySHt/xtWGP8v81ea6U/SuCPYRKBGp32aWDVJaJktNhxKkJOpZm5cJU1qYR+S7qm18KzPs9LOvaJ6UaUJioasyko/lPt6PcnfaMZrukjy9VWuMsrsKuZjWabFkplW15vrQ1TK+U1GeYJTRMUdzqRhV4f2nFd4y19FthUO9==
.mfadsrvr.com/ Name: tuuid
Value: 06dd0459-939d-426d-8412-cf897203e0a1
.mfadsrvr.com/ Name: c
Value: 1686191623
.mfadsrvr.com/ Name: tuuid_lu
Value: 1686191623
.pippio.com/ Name: pxrc
Value: CIf8hKQGEgQIAhAAEgYI7OsBEAA=
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-72a9fcf6-ec71-43c6-a594-01927ececd2a-005%22%7D
.criteo.com/ Name: uid
Value: 8d6577cc-568f-4510-8f45-17f78336c624
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.smartadserver.com/ Name: csync
Value: 127:AAAZYU7JAnwAACBq72dMAA
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1686191623
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 836f6ed5-e911-529f-a3a3-0b0ac722350d
.betweendigital.com/ Name: ss
Value: 1
.linksynergy.com/ Name: rmuid
Value: 8ee6b949-4b46-4379-beb8-acfbc8a9520c
.linksynergy.com/ Name: icts
Value: 2023-06-08T02:33:43Z
.rlcdn.com/ Name: rlas3
Value: Yt6ns3WGBLLpaxjPFM5eIt5vOzM/oelpZj8xRPiWMAw=
.lele43kg.click/ Name: cto_bundle
Value: 8DljFF9PTnElMkZFNzZPQ3dhdmMzTVBFODVsYzRKS2Fsc2RKVTlXVkRzQk04YWVzMyUyRkFDRk90JTJGdDB0a0JJWkdlJTJCMGo5eURUTllRektweXpKaWhkU3NpRzJkNVVzVU54TzIlMkZTMWd6Z3hhWUc4dCUyRlV1OTlNQTJYQzl4NDFuQ080cVBxRTRyV3RJSFc2TjdvMW45T2NDUXdVNkUlMkZoUSUzRCUzRA
.betweendigital.com/ Name: ut
Value: ZIE-BwAEMjg7syfDngI2FBAFZEJRCknoK_5M0A==
.pubmatic.com/ Name: PugT
Value: 1686191623
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 6df6bfba-8d99-4840-9353-a097ef652909.455405623
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCIyfl-3Z9PM7EAUSFgoHc3Z4OXQ1MBILCMqJru7Z9PM7EAUYASABKAIyCwiYuquj8PTzOxAFOAFaBzhoOXUxMWhgAg..
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.semasio.net/ Name: SEUNCY
Value: 25E6484A784C2D49
.id5-sync.com/ Name: 3pi
Value: 434#1686191623262#-1716834117|2#1686191623800#1262718223#4631962839502029404|3#1686191623406#1232844637#2c146481-3e06-4900-8289-22511a19c681|264#1686191623537#-1542246447#b34041a6-af38-4471-a315-26c52a34e8cb|441#1686191623109#-1277342983#u_f4a778f1-d736-425b-91f4-c298444b4d15|429#1686191623667#1644067091#814511A8-C31A-4637-B47D-25B872926F86

143 Console Messages

Source Level URL
Text
security error URL: https://lele43kg.click/
Message:
Refused to apply style from 'https://lele43kg.click/css?family=Droid+Serif:300,400,600,700|Open+Sans:400,700,600&display=swap' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-1.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-2.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-3.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-4.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-5.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-6.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-1.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-2.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-3.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-4.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-5.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-6.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-1.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-2.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-3.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-4.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-5.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-6.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-1.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-2.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-3.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-4.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-5.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-6.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-1.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-2.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-3.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-4.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-5.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-6.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-1.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-2.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-3.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-4.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-5.png"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/e1935336-4692-11ea-a45f-b7fa6a4b0ba0-6.png"
network error URL: https://lele43kg.click/_services/v1/client_ip_info/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.lafourchegazette.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=168619161823316001200501553640686&tnms_dt=New%20restaurant%20aiming%20to%20serve%20fresh%2C%20homemade%20Louisiana%20dishes%20%7C%20Human%20Interest%20%7C%20lafourchegazette.com&tnms_upage=1&tnms_do=www.lafourchegazette.com&tnms_uri=/&tnms_ref=&rt=1686191618236
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://lele43kg.click/
Message:
Access to XMLHttpRequest at 'https://www.lafourchegazette.com/tncms/search/mlt/?origin=aa313dd6-abd9-11ed-b21d-275b1b45dd17&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube' from origin 'https://lele43kg.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.lafourchegazette.com/tncms/search/mlt/?origin=aa313dd6-abd9-11ed-b21d-275b1b45dd17&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://lele43kg.click/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=food%2Cgastronomy%2Crestaurant%20industry%2Cindustry%2Cthe%20economy%2Ctourism
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.25.0&cb=42147073712&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_7.25.0
Message:
Failed to load resource: the server responded with a status of 458 ()
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-1.png"
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279.png"
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-2.png"
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-3.png"
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-4.png"
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-5.png"
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://lele43kg.click/lafourchegazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Message:
Dropped srcset candidate "../../lafourchegazette.com/content/tncms/custom/image/da6549a2-4692-11ea-a45f-cfe6124e1279-6.png"
network error URL: https://lele43kg.click/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A9613%7D&i=1686191618393,
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://lele43kg.click/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=88' from origin 'https://lele43kg.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://auth.instiengage.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://bcp.crwdcntrl.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ad-cdn.technoratimedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://auth.instiengage.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://bcp.crwdcntrl.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ad-cdn.technoratimedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=dc072b6d-f6c5-4e02-a8d6-ad0fd77abb05&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://id5-sync.com/k/264.gif?puid=b34041a6-af38-4471-a315-26c52a34e8cb&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://lele43kg.click').
network error URL: https://lele43kg.click/tncms/access/rules/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
33across-match.dotomi.com
4c65799a4fc33c9b894e0b1f0a302367.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.crwdcntrl.net
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.kh
ampcid.google.ca
ampcid.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.rlcdn.com
assets.a-mo.net
auth.instiengage.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bloximages.newyork1.vip.townnews.com
bttrack.com
c.bing.com
c1.adform.net
cdn.adnxs.com
cdn.confiant-integrations.net
cdn.indexww.com
cdn.segment.com
cdn.taboola.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.instiengage.com
cms.quantserve.com
contextual.media.net
core.iprom.net
crb.kargo.com
cs.media.net
csync.loopme.me
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
de.tynt.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
event.insticator.com
events-ssc.33across.com
ex.ingage.tech
fastlane.rubiconproject.com
g2.gumgum.com
geoip.insticator.com
geoip.instiengage.com
gocm.c.appier.net
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
insticator-d.openx.net
insticator.technoratimedia.com
ipac.ctnsnet.com
js-sec.indexww.com
lax1-ib.adnxs.com
lb.eu-1-id5-sync.com
lele43kg.click
lg3.media.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mweb.ck.inmobi.com
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
product.instiengage.com
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.instiengage.com
stats.g.doubleclick.net
synacor-match.dotomi.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
tags.rd.linksynergy.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uat-net.technoratimedia.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
warp.media.net
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.lafourchegazette.com
x.bidswitch.net
api.rlcdn.com
assets.a-mo.net
lele43kg.click
protected-by.clarium.io
www.lafourchegazette.com
104.117.182.27
104.127.172.242
104.127.64.185
104.16.132.24
104.18.11.47
104.18.25.185
104.254.151.69
104.36.115.111
104.36.115.123
107.178.254.65
13.225.214.50
13.225.223.151
13.225.63.52
13.226.34.99
13.35.93.31
134.122.57.34
141.226.224.48
141.95.33.111
142.251.40.194
147.28.129.37
151.101.1.108
151.101.1.44
151.101.129.108
151.101.194.49
162.19.138.119
162.248.18.32
162.248.18.34
162.248.18.37
172.105.232.22
173.231.178.81
18.204.107.11
18.235.41.166
185.167.164.37
188.42.196.115
192.104.183.109
192.132.33.46
192.40.39.223
192.96.203.13
195.5.165.20
198.148.27.139
199.127.204.171
199.38.167.131
20.85.134.6
207.198.113.86
23.105.12.143
23.105.14.106
23.192.31.127
23.199.48.23
23.217.42.188
23.52.158.180
23.88.86.2
23.92.190.69
2600:1f18:4e9:5a05:ad8e:c57c:f41b:3e87
2600:9000:202c:6400:17:5bae:c7c0:93a1
2600:9000:21ea:9200:1c:386f:ec80:21
2600:9000:2512:3000:9:78a:e540:93a1
2602:803:c002:200::115
2603:c020:400d:3000:f50:982a:7877:65bd
2606:2800:21f:2cf1:7be6:911:71d9:25f7
2606:4700:10::6816:53d
2606:4700:3037::ac43:9a47
2606:4700:4400::6812:220a
2606:4700::6812:18ad
2606:4700::6813:9e13
2606:ae80:1451:13::2360
2606:ae80:1451:22::820
2607:f8b0:4004:c09::9b
2607:f8b0:4006:806::2002
2607:f8b0:4006:806::200e
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2620:1ec:c11::200
3.220.81.91
3.222.106.255
3.224.253.54
3.233.21.199
3.237.52.215
34.102.163.6
34.102.253.54
34.111.113.62
34.117.239.71
34.133.71.175
34.149.20.76
34.200.65.202
34.228.136.31
34.98.67.3
35.186.193.173
35.186.253.211
35.190.60.146
35.207.24.140
35.211.178.172
35.211.233.246
35.214.192.219
35.244.159.8
37.157.6.254
38.91.45.7
38.98.69.175
44.208.157.20
44.213.57.151
50.16.228.60
50.57.31.206
51.222.39.184
52.2.238.35
52.206.37.79
52.223.22.214
52.223.40.198
52.46.128.147
52.55.109.177
52.72.123.193
52.73.187.111
52.73.81.183
52.86.87.176
52.95.118.179
54.144.147.217
54.174.155.78
54.210.26.99
54.217.67.170
54.84.121.56
63.250.38.205
67.202.105.21
67.202.105.32
67.202.105.34
68.67.161.182
68.67.178.10
69.166.1.12
69.166.1.15
69.90.254.78
70.42.32.63
72.247.71.192
74.119.119.139
74.119.119.150
74.121.140.211
8.28.7.81
8.43.72.97
8.43.72.98
0072b43322ff1b20e60f83cc458bd35dca304960b429f20b12c23125512cd964
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1
021ad1922ab3b6e1d8da0ddb300425284daf76bab7c60e61451f42fb5fe3bc80
0912f751da311f8497dc1b7458fe54b7136eff5aa2266fa657d5dacc8fadba2e
096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaadfc669b484062ca55467ca1aa485df3c72219ad934de7527a22c451aefaa
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
1288453b74d792fde94a653aa93a93f84674b8ff97f6d7e3e7d034af31b263e1
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bc728ed832fc895e2c5dc2e4cb961913ad05496eeed776d568370bb065e85f9
1d13f3ca71d7f8936fa6132de0d7b79b479d0eb9615df43fde4f31b2d43c79fe
1e290fe7d19052faf0432be002c9d80f4f91179f775cd4b629b892a24cc7ff58
1ec681300bf92d8a2d7a67a0e7b2dd7651ec4b35e5dcc67f180a4bacd0ed6937
1fbba53d8e9be9aa93e5eea61067c3a3b227a1327cdf5b0a94ab109f11ed7f74
204bf77a451069bca95e93cc29650ecd2c8fb484bfaf451205229ce3c8e8f655
20dfd8b6a95f1092de51f9a49a25e8479f9c195139f6e13e82662d29e1a06455
21c1d2201d56a83c3101c60806f0b6516625ae35e1c9a88c90db8c09412febf5
236fbed5ec345b8aa7279f6e04d22f76a5064e35f62429879acebecac4139a02
26a844f93c53e2b6e41c938c2ffc5d3169f33f06804545e603e9fdd98cae70a4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
340dbe154a3afb491b29716329959822448f074f9b9ad6c18ffb571595d0d05c
34f0c219d32960724e908dff58ed6a86fbaac559bd9f254da60fc1534038b42b
34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547
36a03c3ab21c3c096082c44d25480c91ad9fd855bad5f5c4adddd2dccc51bfc4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
388c0eb9065a1b5a9ab20f47469f32958f56a53bd9c53791691772ba314e912f
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e9715b85f0b04cb652384b7517f73d44325eab1568db300973ad8d0c4a2dc77
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b0bb1642a155733dee03f2053d9775ba10dad074c4ffcce33c167ef6649cf2
49b2428c2d1e0b1b8a92e5189f0306451a73a881a74a8abc0789420530f68252
4a2f372585257d556220c263221066e8860d0c60ec39b63796c60d426db29739
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50846800868a535c1d2befa0b84738e08ac7013dd5628b4a2be94308d2caa1f1
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
51f2731ac69c6df19292ba876b0fe1f08256f6098dc7c389a8698d4fe66e2207
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bfafcbad2da56c8f60b685148c01e105d162974422f3b8f786c904f767fc16
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5d226680d8961466c18b227454d294603b4abf5fbae2c3f9835d68a73629f14f
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5dc6a6b79d3645c92cfc3a4df1dd84f690789cc1f9cc962b12bcf8e95ce663d3
5e81c12a471e42d82158cea8989ecc12013261692bd2011b6c93c42503ec3e91
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638e234fa91962ce4b2c572532e7dcd5e9a5db3e36eb0587ba2cf1fb306e787d
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
64e900c15a3f1379ac447e0b44de7c7fd0ed64d744492bd9402595c4efc322a1
67c16bcb94f90777a899589c3f4494fec70a78b9028350683d8eb833a28ce79a
68e7079fb344f89cd8fcdb1328af799a2b48d324b66216542f6d2d3e7f0979bb
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1181b39902ae448afb2f60edda18397ea1f22460a4008e6ff235a69fc7e39b
6e4676998b7c5e819cb1ab330518e8ec3b46b189f598d66b9a7f8591f871fec5
6eb8cf34b6e4c8876fa30618db7aa8526fcf71fb32e9aa4c8b11b6fa4590e811
713a883b04a8dd615695327fb319129b690aa22f58d7e59d911e7275820c043a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
78750729dbbbdc0c9e92a1d6deb1a9e7c11a0e15672b297269ad96d71ad8cfad
78fabb8840d3fba5bd2a5bd16096e4d255e5da9267f3228efc263bdebf35c088
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b7f6744eb4dcf93cec2b1af54ca5d323aff63debdd7658347fb3bda1d8a3939
7dbcdbf64f6d2c3d36a3f3292e6114271c70fe25ac55de8c3a32262a7b736e62
809026af8b75ca999fca15c17fb95b36e4473ffbcc23bc271b722bdff6429f15
81278bdff5c4598f89e446eb0bbcce22f1c85e08e280b49359f7bd3a39d5c382
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8325813949d5a4fd51a951ca687aafa685fc85319f59cd0e60f64e08fe92d2d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8ed2e086e93a77c75ac94831c50b30bbbb4e50e8d717e2cd710de13fe5f65f1b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb
90c85c9ad8651588701a337fd9c676c47072aee9b4a256ad218d25688ffb6291
9122d35ca0b1532a344f0801f9004b862de73fe3ec70d6eb04a345cc02e8e2a3
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94a02f59c558933038459f20f0ce529ae96ae565163eaad74f4f4484247aeb81
950af077abdad1f55b2bfc77b1722582c27f2edcc138dfe3873944cf9728574b
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
98a6effe1c917b340d9ddf5d3163147fba125049c37540fdbac6a215e7752fc5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ca706b5df9c2fa5c96c5dcdb8ec0481c63546901febf89a623e2f5f3fda3e73
9f7f9461c7868801f6671ffead505735e33f8f99007f55bc8b579907d87fb5a7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58bae503e7c4ada63c97caf7738d9d1bc57e9ae5f034a4bc913a996e8ffe3fe
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae6c4eb375a9a08f2c21183d6857943c7762e78c45c185670d4a5cc17fabfb57
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b8afd59a03bcb312667b449341fdd15f86861886ef702e46479e76805353e1d3
b90aee13b3fda7cc676346d54a9bb20fe498bbd5cbb473cd138349c2fb8dbb03
b953c80f17a4dc7ec9c67b27ca0ca3615ff8257a53be8f7e613ff44c4400c1dc
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bdcdaed54700a4653b9af6e3f0eab54737b5ff3b6297a3268ce0fc5160bad9a5
be657dcd95ee2e73fd5718b68961adccfa8de5d06b133fbf4c01b246517926b1
c0dc2c871a928d1a18c542ef13cd7fff3f0b828a5cc404da946dd8089171eec4
c10dc69b09f9cf0630591025126dba6d048d57c93eeaabe90af9ee8a5b612b30
c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2ee142e63cc3da3511c6aa05ce2ee17eccc8d4549d95b58b53bb9db025f2e50
c4c37d6d684e7f9bdfb31dee3a2b4fb4751dc72853eb07cd15b40a14c44d62f5
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cdf7e002d5ca9f1084402203a4059e230cbdccf6b248a4fb6214780d513a785d
d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
d34497b0307b427413bf8f162dbed83f28e8657ee863bf57fdb92b861f2dc2a9
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d7112c31b1f0ef0b5ea9e9eaf35a1dc4f70eb55c3f2a20a97f2bfccc4577c489
d7e059e8113ea09768869ccd3718e8d2ca6642c7665faffc2fc23fb17339a0f3
d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de0aaf2a142e96621d624daadf23c5c4ea7df3ad409db9487c4b1b4030473a84
de64537041e8ff0b4acea4f79da71cba61d5510f6540f84426094f690388c3c9
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e33ba01eb3d4a4ace3fa9b6ad36df6d661a14cb08f4c698d280988a2f15eec80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43f413b6d81d7747e0bdada6b894dbfdea6310a2fdcc5b7c18e389a6ccab8c1
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
edf1f190357740096479eb0ff04787be990ef7ca32aa708a01b272175207c763
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404
f39759cc5d69473b0915c80d9044bee2cb142445fa479d9356151d8d1de5c77e
f50e76a4e1dd6b883b861a34c6cd8acbe068fb9ef1c3938f0cee5d511e30f90b
f6f74b06566c19607020d524a5c684318b73c129b35ffaa6520657e5f60508da
f9186752fbc16321f99c98fb41db4058c9caf24529c0070d53d61f609e14dc2a
f9230094429608220b66e334835c903920237aac9c0655230ab2c13f87eaff53
ffec992edcab0f93b6219bc3ee424150a05579fba41bff0fa45920483e859844