urlscan.io logo urlscan.io
SecurityTrails logo

sharemods.com Open in urlscan Pro
172.67.71.49  Public Scan

Go To Rescan Add Verdict Report
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Submission: On May 30 via manual from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 11 countries across 58 domains to perform 280 HTTP transactions. The main IP is 172.67.71.49, located in United States and belongs to CLOUDFLARENET, US. The main domain is sharemods.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2020. Valid for: a year.
This is the only time sharemods.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 172.67.71.49 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.111.9.35 33438 (HIGHWINDS2)
10 216.58.212.162 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.68.161.27 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
11 18 142.250.185.130 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 13.226.158.204 16509 (AMAZON-02)
2 35.190.77.178 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.57.228.122 16509 (AMAZON-02)
2 178.250.0.165 44788 (ASN-CRITE...)
3 8 185.33.221.15 29990 (ASN-APPNEX)
2 4 23.111.200.117 7979 (SERVERS-COM)
3 6 37.157.3.30 198622 (ADFORM)
2 185.184.8.65 204995 (RTB-HOUSE...)
1 198.148.27.133 19189 (PULSEPOINT)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 69.173.144.143 26667 (RUBICONPR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 15 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 162.252.214.5 53334 (TUT-AS)
1 4 52.95.124.165 16509 (AMAZON-02)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
5 9 69.173.144.139 26667 (RUBICONPR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.226.159.42 16509 (AMAZON-02)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 72.21.206.140 16509 (AMAZON-02)
3 2.18.233.180 16625 (AKAMAI-AS)
3 3 151.101.114.49 54113 (FASTLY)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
3 3 185.29.135.234 30419 (MEDIAMATH...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 162.252.214.11 53334 (TUT-AS)
2 2 213.155.156.184 1299 (TELIANET ...)
14 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
3 3 52.49.40.147 16509 (AMAZON-02)
1 185.86.137.110 201081 (SMARTADSE...)
1 1 162.55.6.211 24940 (HETZNER-AS)
3 185.64.189.114 62713 (AS-PUBMATIC)
3 3 146.59.148.16 16276 (OVH)
4 4 76.223.111.131 16509 (AMAZON-02)
2 2 54.171.173.220 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 18.156.0.31 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 3 52.57.230.211 16509 (AMAZON-02)
2 2 54.194.211.3 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 159.65.196.12 14061 (DIGITALOC...)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 159.253.128.188 36351 (SOFTLAYER)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 84.200.5.215 31400 (ACCELERAT...)
1 1 78.46.85.162 24940 (HETZNER-AS)
1 82.113.101.236 6805 (TDDE-ASN1)
1 6 2a00:1450:400... 15169 (GOOGLE)
3 159.89.25.223 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 172.253.120.155 15169 (GOOGLE)
8 172.217.23.98 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638::3 44788 (ASN-CRITE...)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 198.148.27.139 19189 (PULSEPOINT)
280 76
25    172.67.71.49 (United States)

ASN13335 (CLOUDFLARENET, US)
sharemods.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
10    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2606:4700:20::ac43:4876 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    2606:4700:3030::6815:2212 (United States)

ASN13335 (CLOUDFLARENET, US)
cookieinfoscript.com
1    51.68.161.27 (France)

ASN16276 (OVH, FR)
PTR: ip27.ip-51-68-161.eu
scamblefeedman.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
18    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
1    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
www.premiumvertising.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
2    35.190.77.178 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 178.77.190.35.bc.googleusercontent.com
cloud.setupad.com
2    2a00:1450:4001:831::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    52.57.228.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-228-122.eu-central-1.compute.amazonaws.com
ice.360yield.com
ad.360yield.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
8    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    23.111.200.117 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
6    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    198.148.27.133 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
15    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
gcdn.2mdn.net
3    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)
6.adsco.re
5    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
4.adsco.re
adsco.re
4    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
aiypwttqfvkp.l4.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
aiypwttqfvkp.n4.adsco.re
1    185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
aiypwttqfvkp.s4.adsco.re
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
1    2606:4700:20::ac43:44a2 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
1    13.226.159.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-42.dus51.r.cloudfront.net
s.ad.smaato.net
2    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
1    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
3    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    162.252.214.11 (United States)

ASN53334 (TUT-AS, US)
premiumvertising.com
2    213.155.156.184 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
14    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de
csync.loopme.me
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
pixel.onaudience.com
4    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
2    54.171.173.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    52.57.230.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.194.211.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-211-3.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
19    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
3    2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)
af7c1046fdbec46d647d764e227e4fbb.safeframe.googlesyndication.com
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
partner.blau.de
1    82.113.101.236 (Giessen, Germany)

ASN6805 (TDDE-ASN1, DE)
portal.blau.de
6    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:400e:800::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    172.253.120.155 (United States)

ASN15169 (GOOGLE, US)
bid.g.doubleclick.net
8    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
googleads4.g.doubleclick.net
ade.googlesyndication.com
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    2a00:1450:4001:65::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nz7.c.2mdn.net
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
Apex Domain
Subdomains		 Transfer
51 googlesyndication.com
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
tpc.googlesyndication.com
af7c1046fdbec46d647d764e227e4fbb.safeframe.googlesyndication.com
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
173 KB
42 doubleclick.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
569 KB
25 sharemods.com
sharemods.com
195 KB
23 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
40 KB
16 google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
37 KB
14 adsco.re
c.adsco.re
6.adsco.re
4.adsco.re
adsco.re
aiypwttqfvkp.l4.adsco.re
aiypwttqfvkp.n4.adsco.re
aiypwttqfvkp.s4.adsco.re
42 KB
14 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
20 KB
13 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
77 KB
12 gstatic.com
fonts.gstatic.com
csi.gstatic.com
141 KB
9 google.com
adservice.google.com
www.google.com
2 KB
8 adnxs.com
ib.adnxs.com
8 KB
7 googleapis.com
fonts.googleapis.com
storage.googleapis.com
imasdk.googleapis.com
400 KB
6 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-4g5e6nz7.c.2mdn.net
2 MB
6 googletagservices.com
www.googletagservices.com
155 KB
6 adform.net
adx.adform.net
c1.adform.net
4 KB
5 casalemedia.com
dsum-sec.casalemedia.com
4 KB
5 ampproject.org
cdn.ampproject.org
101 KB
5 setupad.com
cloud.setupad.com
node.setupad.com
152 KB
4 criteo.net
static.criteo.net
107 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
3 KB
4 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
3 KB
4 betweendigital.com
ads.betweendigital.com
2 KB
4 criteo.com
bidder.criteo.com
dis.criteo.com
gum.criteo.com
916 B
3 google.de
adservice.google.de
409 B
3 bidswitch.net
x.bidswitch.net
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 everesttech.net
sync-tm.everesttech.net
1 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com
18 KB
2 blau.de
partner.blau.de
portal.blau.de
2 KB
2 avct.cloud
ads.avct.cloud
894 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
740 B
2 crwdcntrl.net
sync.crwdcntrl.net
986 B
2 de17a.com
d5p.de17a.com
1 KB
2 contextweb.com
bid.contextweb.com
bh.contextweb.com
1 KB
2 creativecdn.com
prebid-eu.creativecdn.com
350 B
2 360yield.com
ice.360yield.com
ad.360yield.com
816 B
2 premiumvertising.com
www.premiumvertising.com
premiumvertising.com
10 KB
2 stpd.cloud
stpd.cloud
351 KB
2 fontawesome.com
use.fontawesome.com
16 KB
1 lead-alliance.net
www.lead-alliance.net
565 B
1 telefonica-partner.de
www.telefonica-partner.de
203 B
1 simpli.fi
um.simpli.fi
611 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
872 B
1 quantserve.com
pixel.quantserve.com
837 B
1 loopme.me
csync.loopme.me
493 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 rlcdn.com
id.rlcdn.com
1 smaato.net
s.ad.smaato.net
249 B
1 setupad.net
prebid-stag.setupad.net
801 B
1 scamblefeedman.com
scamblefeedman.com
1 KB
1 cookieinfoscript.com
cookieinfoscript.com
4 KB
0 fidelity-media.com Failed
x.fidelity-media.com Failed
280 58
Domain Requested by
25 sharemods.com sharemods.com
22 pagead2.googlesyndication.com securepubads.g.doubleclick.net
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
sharemods.com
www.googletagservices.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
sharemods.com
tpc.googlesyndication.com
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
15 cm.g.doubleclick.net 11 redirects ads.pubmatic.com
googleads.g.doubleclick.net
14 www.google-analytics.com sharemods.com
www.google-analytics.com
10 simage2.pubmatic.com ads.pubmatic.com
10 securepubads.g.doubleclick.net sharemods.com
securepubads.g.doubleclick.net
www.googletagservices.com
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
9 googleads.g.doubleclick.net sharemods.com
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
8 ib.adnxs.com 3 redirects cloud.setupad.com
storage.googleapis.com
googleads.g.doubleclick.net
8 c.amazon-adsystem.com stpd.cloud
c.amazon-adsystem.com
sharemods.com
7 fonts.gstatic.com fonts.googleapis.com
6 www.google.com 1 redirects sharemods.com
tpc.googlesyndication.com
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
6 www.googletagservices.com sharemods.com
securepubads.g.doubleclick.net
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
5 ade.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 csi.gstatic.com imasdk.googleapis.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 static.criteo.net cloud.setupad.com
storage.googleapis.com
static.criteo.net
4 match.adsrvr.org 4 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com
4 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ads.pubmatic.com
4 ads.betweendigital.com 2 redirects sharemods.com
3 googleads4.g.doubleclick.net googleads.g.doubleclick.net
3 node.setupad.com sharemods.com
3 s0.2mdn.net sharemods.com
googleads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 x.bidswitch.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 match.prod.bidr.io 3 redirects
3 sync.mathtag.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
3 4.adsco.re c.adsco.re
3 6.adsco.re c.adsco.re
3 c.adsco.re www.premiumvertising.com
c.adsco.re
3 pubads.g.doubleclick.net sharemods.com
3 maxcdn.bootstrapcdn.com sharemods.com
3 fonts.googleapis.com sharemods.com
securepubads.g.doubleclick.net
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
2 r3---sn-4g5e6nz7.c.2mdn.net
2 imasdk.googleapis.com 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
2 83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 pubmatic-match.dotomi.com 2 redirects
2 ads.avct.cloud 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 amazon-tam-match.dotomi.com 2 redirects
2 adsco.re c.adsco.re
2 eus.rubiconproject.com sharemods.com
eus.rubiconproject.com
2 fastlane.rubiconproject.com cloud.setupad.com
storage.googleapis.com
2 hbopenbid.pubmatic.com cloud.setupad.com
storage.googleapis.com
2 prebid-eu.creativecdn.com cloud.setupad.com
storage.googleapis.com
2 adx.adform.net cloud.setupad.com
storage.googleapis.com
2 bidder.criteo.com cloud.setupad.com
storage.googleapis.com
2 storage.googleapis.com sharemods.com
2 cloud.setupad.com sharemods.com
2 ssl.google-analytics.com 1 redirects sharemods.com
2 stpd.cloud sharemods.com
2 use.fontawesome.com sharemods.com
1 bh.contextweb.com
1 gum.criteo.com static.criteo.net
1 gcdn.2mdn.net 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 portal.blau.de sharemods.com
1 partner.blau.de 1 redirects
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 af7c1046fdbec46d647d764e227e4fbb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 um.simpli.fi ads.pubmatic.com
1 pixel-sync.sitescout.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 premiumvertising.com www.premiumvertising.com
1 image6.pubmatic.com ads.pubmatic.com
1 id.rlcdn.com
1 ads.yahoo.com
1 s.amazon-adsystem.com aax-eu.amazon-adsystem.com
1 s.ad.smaato.net aax-eu.amazon-adsystem.com
1 prebid-stag.setupad.net eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 aiypwttqfvkp.s4.adsco.re c.adsco.re
1 aiypwttqfvkp.n4.adsco.re c.adsco.re
1 aiypwttqfvkp.l4.adsco.re c.adsco.re
1 secure-assets.rubiconproject.com 1 redirects
1 ad.360yield.com storage.googleapis.com
1 bid.contextweb.com cloud.setupad.com
1 ice.360yield.com cloud.setupad.com
1 stats.g.doubleclick.net sharemods.com
1 www.premiumvertising.com sharemods.com
1 scamblefeedman.com sharemods.com
1 cookieinfoscript.com sharemods.com
0 x.fidelity-media.com Failed cloud.setupad.com
storage.googleapis.com
280 107

This site contains links to these domains. Also see Links.

Domain
adsco.re
cookieinfoscript.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-19 -
2021-07-19		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
scamblefeedman.com
R3		 2021-05-19 -
2021-08-17		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
1258267123.rsc.cdn77.org
R3		 2021-04-04 -
2021-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
cloud.setupad.com
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2020-09-15 -
2021-09-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.l4.adsco.re
R3		 2021-05-19 -
2021-08-17		 3 months crt.sh
*.n4.adsco.re
R3		 2021-05-19 -
2021-08-17		 3 months crt.sh
*.s4.adsco.re
R3		 2021-05-19 -
2021-08-17		 3 months crt.sh
s.ad.smaato.net
Amazon		 2021-03-17 -
2022-04-15		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-11 -
2021-06-30		 2 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
premiumvertising.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-19 -
2022-07-22		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
node.setupad.com
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-05-18 -
2021-07-27		 2 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Frame ID: 2870674FBF882F29ACE99D20F38A1B8C
Requests: 63 HTTP requests in this frame

Frame: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Frame ID: 50344EC984E9515732A6EDC1CA01F134
Requests: 28 HTTP requests in this frame

Frame: https://storage.googleapis.com/setupad/ldt3Y37cfk.js
Frame ID: 2A0473D71317F7B302E2B9C40CC07A94
Requests: 39 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 0869435855567AF2153C963E9E0934F4
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 172BC363D13CD69119BC42FA88BA5AAA
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv&dcc=t
Frame ID: 06B02E2090329E3B585056A10B4FAF52
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 65EC8B168B884CC93D46EB1FC9EF0D64
Requests: 6 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Frame ID: 33F0E034D4B970F80243AFDD676AE05B
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGoScXHhTjcwNmxBupAAAAAAA&expiration=1622472632&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Frame ID: 017E5674409A94B6D45F3019123B9AF0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Frame ID: 55F1B8F847E3D563BEA80B94B417CC4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8F41BF350332A080282B861986B967E6
Requests: 21 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E
Frame ID: 8C58DD2EB1D4928EFF558C7DE2391E80
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=3479142945274795001
Frame ID: 148A1B34B59992DB393ECDA0EE9A5A81
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0E8DF9ED9432958AAA54634B53AAD179
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968095825102829710
Frame ID: 792D4595584EE48BD0E8E2A73CAA2E44
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACTKE7BZ00AADDJbj4nmQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 3D5FF603DA73E984F39A53C4F624F522
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=$UID&gdpr=1
Frame ID: 4B787E32B3305C20F37557E9311F1F3E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8EBCA386-0CB0-4BFD-A14D-EA687971208E&ex=pubmatic.com
Frame ID: 629FE3D3E6C1CD24A001BEACE2DAF309
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Frame ID: 7E19E7E290AC2E62ECF606F661F4B7D6
Requests: 17 HTTP requests in this frame

Frame: https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 49C9C8202B4A6E5E8C3A701166E57478
Requests: 14 HTTP requests in this frame

Frame: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 53465F14BE6FEFA42A2BD204FFC6305B
Requests: 35 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 71BAA47F85FCF6429C7A8F542196DF26
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E271FCFC7C3530B87A9EB7B7BCE8A5D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1D976CF9AFBEF03A6D5B93EBD054887C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21FCC8217631F50B9062ADC5EA334BA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUduT-z6C5qXlFfZRVz10tuLWfD_B_vH1464B-NJ_CacUPd8mYRXT1feEt-aQEzMKO_WTVYyYgKkpjVzhdz0U6fF3xC6lGp9HGcxZGD2XaFYuUiJYqMgTw1TR9sIKvjnuqXs8yMBqm7ECA798-3gl9qdQdWqybPlEXc2DFhQXT3dPoTOO0K0xFUUglYdDcciCsNkqMiC_YV51ibw5pvQh_NAgf0rw
Frame ID: 6D45ED9680E3A3277BBB041020B29196
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 16BAA672C37FFBB3E45CE039E1BEE3D5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55098A2D3FDC2A35B192BB23D2EB4997
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA0DD1F32B6FD757F973E6D5894C82C5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7ADD8390807E7080B73070FEADBE3199
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com&gdpr=1&gdpr_consent=BPHBH4xPHBH4xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 8555C8019C1A71BDF575A64486DAA970
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

280
Requests

99 %
HTTPS

41 %
IPv6

58
Domains

107
Subdomains

76
IPs

11
Countries

4931 kB
Transfer

9600 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=408379257&utmhn=sharemods.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Stamford%20Bridge%20rar&utmhid=424042&utmr=-&utmp=%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&utmht=1622386231945&utmac=UA-15082559-23&utmcc=__utma%3D94093407.2089567392.1622386232.1622386232.1622386232.1%3B%2B__utmz%3D94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=618620085&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15082559-23&cid=2089567392.1622386232&jid=618620085&_v=5.7.2&z=408379257
Request Chain 60
  • https://ads.betweendigital.com/adjson?jst=hb&ord=4944473887107674&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=1050865a928dffe&transactionid=4fded816-926a-4d83-b35d-3f0d6c07f267&auctionid=8ddc271c-0723-489b-b957-fe9c9a4cd50b& HTTP 302
  • https://ads.betweendigital.com/adjson?jst=hb&ord=4944473887107674&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=1050865a928dffe&transactionid=4fded816-926a-4d83-b35d-3f0d6c07f267&auctionid=8ddc271c-0723-489b-b957-fe9c9a4cd50b&crf=1
Request Chain 75
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1616253516849264.2&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=147b13af5c90d61&transactionid=506d97b6-ae53-431d-96a9-174978d0e6d0&auctionid=be322584-6196-4dfb-b890-40121d2974a8& HTTP 302
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1616253516849264.2&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=147b13af5c90d61&transactionid=506d97b6-ae53-431d-96a9-174978d0e6d0&auctionid=be322584-6196-4dfb-b890-40121d2974a8&crf=1
Request Chain 83
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 86
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv&dcc=t
Request Chain 116
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KPBAVGLC-2-AYK5
Request Chain 121
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=ba77962f37212a8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGoScXHhTjcwNmxBupAAAAAAA&expiration=1622472632&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Request Chain 123
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YLOmOAABNRWu-QBg HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLOmOAABNRWu-QBg&_test=YLOmOAABNRWu-QBg
Request Chain 124
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Dj2LYutilXjqoQ2oUfSg9w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8899919838657406818
Request Chain 125
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dbb660b3-a638-4a00-b3c7-499d0e6a383e
Request Chain 126
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBAVGLC-2-AYK5&sigv=1&esig=2~7ad0c9d264c31e0bbcb6bfdba1630be9079cb5a8
Request Chain 128
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVZHTEMtMi1BWUs1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVZHTEMtMi1BWUs1&google_tc=
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBENp4XYObo6XHn66EjFugE&google_cver=1
Request Chain 130
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJiZDQwMTBlOWE0YTIzN2FiN2VlZjg1MDgyYWQ4Nzk0ZjU0MGE5Yg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJiZDQwMTBlOWE0YTIzN2FiN2VlZjg1MDgyYWQ4Nzk0ZjU0MGE5Yg&google_tc=
Request Chain 135
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E
Request Chain 136
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=3479142945274795001
Request Chain 138
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968095825102829710
Request Chain 139
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVEtFN0JaMDBBQURESmJqNG5tUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACTKE7BZ00AADDJbj4nmQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 140
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=$UID&gdpr=1
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jryjhgywS_2hTepoeXEgjg%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jryjhgywS_2hTepoeXEgjg%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 143
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dbb660b3-a638-4a00-b3c7-499d0e6a383e
Request Chain 144
  • https://pixel.onaudience.com/?partner=214&mapped=8EBCA386-0CB0-4BFD-A14D-EA687971208E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=0d4a86d6-8132-4f12-8a04-8d8eb185b6bc&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=72afa0ff45b94b07c21dde96de74d388 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=582f84b80193f48b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ea1fe536-3593-480f-6a98-6fa16249c945&reqId=93d3f4b9-1e61-4116-57a6-af350149e142&zcluid=582f84b80193f48b&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJmGTeHfGOSdNKPoRrlVxoc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ea1fe536-3593-480f-6a98-6fa16249c945&reqId=93d3f4b9-1e61-4116-57a6-af350149e142&zcluid=582f84b80193f48b&zdid=1332
Request Chain 145
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3499700684625337685
Request Chain 146
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Request Chain 147
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e6c2e51-80d8-4ca2-8c7d-01a8b6da202f
Request Chain 149
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D1%26gdpr_consent%3DCPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4341105458209089406&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Request Chain 151
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&redir=true&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oOzqlu9E2uVY8YELG0IPmQE80jnkuAc-~A&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Request Chain 152
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SwwUVhwKRVxQDBNQHl1bBk0JQVdQXRMEHgtMzDY7
Request Chain 153
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f753a3c9-4344-4b89-8821-132f8f8a868e&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=712cbcba-5622-4597-8511-d26fa4132945&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 154
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D1%26gdpr_consent%3DCPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOmOAABNRWu-QBg&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Request Chain 155
  • https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550270534800263309&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&us_privacy=
Request Chain 156
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52eb1415-b03a-4511-800a-d7aaa2e2140d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 157
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6646e06b1b3212ae&is_secure=true&networkId=17100&version=1&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGopLjXs9d9wNG8UCWAAAAAAA&expiration=1622472633&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Request Chain 158
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 185
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=dbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=dbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021053016503350887313917X117667V1225131106MSdbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021053016503350887313917X117667V1225131106MSdbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view&wfid=117667
Request Chain 202
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1&C=1
Request Chain 234
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLOmOuW3TNDVab2aVHOl4gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEB-qHur4UDLUcnOb4nPXgKY&google_cver=1
Request Chain 236
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0MTEwNTQ1ODIwOTA4OTQwNg%3D%3D
Request Chain 252
  • https://gcdn.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2EE3812DDB4841768FA0A1DACE1422E3D37F1EDD.FFC433A0379CCE4F7C65928A31E07EAD68D7A3D/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E6B2F62FCCAE353702EB07C7EE4FEA381266F5A.5A2CE627B46D8E149CF9D5AFE2324080398576C7/key/cms1/cms_redirect/yes/mh/w-/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1622385870/mv/m/mvi/3/pl/50/file/file.mp4

280 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Stamford_Bridge.rar.html
sharemods.com/1dwlx2z0gsxd/ 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
025e5664fd9bb18297c92464714137cf522a1a8c65884a4aa2ce7b6f9326b88f
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
sharemods.com
:scheme
https
:path
/1dwlx2z0gsxd/Stamford_Bridge.rar.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=0;includeSubDomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
expires
Sat, 29 May 2021 14:50:31 GMT
set-cookie
lang=english; domain=.sharemods.com; path=/ aff=118691; domain=.sharemods.com; path=/; expires=Sun, 13-Jun-2021 14:50:31 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a5f5a60930000331d9a21a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zhs18gwCCp7YcIc8xkLXTmcG3yRlAfENci6wCTYQfEglM6M9o3Wwygg%2B2vDzeHSIPlIyjGjxhSYEb5RK0XvYwE5wBHZIi31DikaVQi%2F69pamQ56%2FrTGXIMHH"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6578c67a8caf331d-CDG
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2c95390f2b8da59860d44f7749eae70b7cc88e041efd3c5046ae36cd7ddb1c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 14:07:14 GMT
server
ESF
date
Sun, 30 May 2021 14:50:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:50:31 GMT
jquery-1.9.1.min.js
sharemods.com/js/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/jquery-1.9.1.min.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

:path
/js/jquery-1.9.1.min.js
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185213
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61890000a8af9d367000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
W/"5f994a07-169d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J7OGBflM1zaQws294mwqDkRiQkfCqnVFvF8mJ9Oi7och3errHvErNX9c8rS5QciAHKKu1RJEsVPjhs%2FlNEVh%2Fm3OenNb2%2Fi1Aq87K9awMGmVi%2Bk6rtEpJcbv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67c0b84a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.css
sharemods.com/css/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/css/bootstrap.css
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee627640d99d0061c431a7eb0cf6523c6fda4148a5aeaab5c14400c1b74d8723

Request headers

:path
/css/bootstrap.css
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185213
cf-polished
origSize=144219
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61880000a8af78914000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
W/"5f994a07-2335b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DdtJUQe9PhAlBGTlz7qa7aO93qwt5Um8nnrp8NaXb%2FwfrYx%2F6CX4pS37rQq%2BPoELMrkTXMoCo8Wa7k%2FNyXBaXsfUKjrpvegnLmSOVkaxPeqLy4jhtsLv7jWW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6578c67c0b83a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
5939461
cdn-cachedat
2021-03-11 11:57:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a616e00004e74e6880000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3033c5b7ea34684b20a8f4234fea378f
cf-ray
6578c67bea604e74-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://sharemods.com
Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
3453110
cdn-cachedat
2021-04-20 17:33:27
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a617b00002bf23b9b7000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2d857e44b709a091d71d89404e529cc9
cf-ray
6578c67bfde62bf2-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
5939313
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a616d00004e74e038e000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a9f1136dc57a7605179530d5ffb85493
cf-ray
6578c67bea5d4e74-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.1.1/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.1/css/all.css
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
gzip
last-modified
Tue, 17 Jul 2018 17:49:49 GMT
server
NetDNA-cache/2.2
etag
W/"597b70b2ce6b1483f72526c906918fe9"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
v4-shims.css
use.fontawesome.com/releases/v5.1.1/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
gzip
last-modified
Tue, 17 Jul 2018 17:49:51 GMT
server
NetDNA-cache/2.2
etag
W/"01727b5056f65c2ac938f5db4e552b10"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
style.css
sharemods.com/css/ 		59 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/css/style.css?ver=1.102
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c8456a1b349a3a1ad21e38210fb9766aab9018bef1626349a78125a9451155

Request headers

:path
/css/style.css?ver=1.102
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185213
cf-polished
origSize=77227
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61890000a8afb11dd000000001
last-modified
Wed, 14 Apr 2021 07:59:41 GMT
server
cloudflare
etag
W/"6076a0ed-12dab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lXrO8Wb5C%2B%2FbHhhWzJZle3TQH6AqPZxHYWhaUHMURNEgixhhKB%2FRaOR9Ga7cBXmwZuWrijZU9cfD661UBb0GfBlhhtsdzQEVVtqGyidcLkep%2FEOf8OyzNRgl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6578c67c0b82a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap-select.css
sharemods.com/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/css/bootstrap-select.css?ver=1.101
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee20b0a59b8ff59e7b7ef0ab572087dcd1acb8ddf3e8d9766b4179366a22c9a

Request headers

:path
/css/bootstrap-select.css?ver=1.101
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185213
cf-polished
origSize=12471
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61880000a8afb11dc000000001
last-modified
Fri, 05 Jun 2020 12:01:55 GMT
server
cloudflare
etag
W/"5eda3433-30b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T0qWGEQ4ScEgjKpdNhh%2B63vqrl%2BI7E7O0aYQQGy%2FLGgJ7PxIJ07%2FvQvSLD6bV%2BZEHBWACfLkhjuReO5WgcoLnOKJAmeObXKEdWw%2FKF6Ni9rMxNyGwbFqAKp7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6578c67c0b81a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme-update.css
sharemods.com/css/ 		77 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/css/theme-update.css?ver=1.19998
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e291415534966f35e013a6298b0c28481c5902bc14b41c59ebbd63cece750804

Request headers

:path
/css/theme-update.css?ver=1.19998
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
282765
cf-polished
origSize=95601
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61870000a8af80802000000001
last-modified
Thu, 27 May 2021 08:03:28 GMT
server
cloudflare
etag
W/"60af5250-17571"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=twbRlymjph9%2BssRZO7W59nP0U7zqwzjiqaxnX31bbbWCddLgrLfSUbWIimuf46Mg9cA5xyQqDAdkdTgpmLF7D4jjTJoCniSl%2FVn2Jpue88uZrHZh1aEixIJp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6578c67c0b80a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.paging.js
sharemods.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/jquery.paging.js?ver=1.101
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818

Request headers

:path
/js/jquery.paging.js?ver=1.101
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185213
cf-polished
origSize=19365
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a618c0000a8af82830000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
W/"5f994a07-4ba5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vXobS9GrFORzfJfDll9IbaSo7HtA1Q1ynSvGgb9rD1OhN3LEZ6wDwBedG0RB5I0NzqGsX8MGoU4OsqNAkDNFF%2FbBJkgEyoxo5wYKiaj8VP%2FwP4YRWTVU16%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67c0b86a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.cookie.js
sharemods.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/jquery.cookie.js?ver=1.101
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56

Request headers

:path
/js/jquery.cookie.js?ver=1.101
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185213
cf-polished
origSize=3121
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61890000a8af8282f000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
W/"5f994a07-c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s3iC4Ul8KHS7iLT0Rv2BmOOSJwqFNQWoiYALiDKDOf6SXBjsFKci1Vaf15pJDbnajP91MqsoAjtWhtsba5nR%2B8t2eQB4Rp53mWY74rki0SE7cYqPIUf9ncGE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67c0b85a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
paging.js
sharemods.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/paging.js?r=1
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e

Request headers

:path
/js/paging.js?r=1
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185213
cf-polished
origSize=1880
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61870000a8af72837000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
W/"5f994a07-758"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=L8UmuQ4ZFNUyS2eQRoGuf%2BeMFKDanv80blfDSOH3ORoUJ%2FjJSvFqQX%2B70RcSyB1vH47fTmpN6Gd6TT%2Fv%2Bl7CQAiOSerpJ%2FCdhK49CfAISwq7%2B3EsNlIuDUTx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67c0b7fa8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
cc7930c46bc124f85f2f4e68bf9ccd0456d77c48759cd3e301b040e3dcdf57fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"887 / 476 of 1000 / last-modified: 1622153417"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21427
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:31 GMT
sharemods.js
stpd.cloud/assets/hb/ 		852 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/hb/sharemods.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fc34740bf9b22f18f82a1bbe062cbbb5a9eb526d905fcdd46936cdf04c086e

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
content-md5
oHhUJwytENTBierN/ESj4w==
age
1340
cf-request-id
0a5f5a620e00004ab03a950000000001
x-ms-lease-status
unlocked
last-modified
Fri, 28 May 2021 10:23:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cmZX9mqiFqsQGbrQ5qsnNi7PrpLRs0lNr4nCtBDF0OhEvwYFASDeAYACVUYHNLMd6XpTpoYwa%2FTsfPYrUymtnetGmsAfcIJvjq8xubH1J%2B5RxWkbckAzHWqm896LzYHay3fL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-ms-request-id
fa59e5a2-b01e-0026-14ab-53b78f000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6578c67cef694ab0-FRA
cookieinfo.min.js
cookieinfoscript.com/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2782
x-amz-meta-cb-modifiedtime
Wed, 07 Apr 2021 11:38:58 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6FZAM1364E2BV84G
x-amz-id-2
+Uhlf5OUoVQ5xFl26ru3QJIN8Q2TaB/GZHt1NWs2sCynlXAyIfWOeCU/H17Ts5pLUVeqfjdmw+o=
last-modified
Wed, 07 Apr 2021 11:39:17 GMT
server
cloudflare
etag
W/"d15d93068c1121f63008407d339bd819"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F%2FCfgK6nmHZvzip8egtp%2BSUx%2FZ7xYYKgnzSqz%2BSa%2FBJBy2gKc1ZaPNWAHpKMO6kFqXicIeRwYtbo2JKqRkFLtih87mS2cNYjJCD9xA7mg411sXWJeR%2BXAvQ8BB%2BC%2BY%2FdxBge2aPh%2BCmjzxi4CG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-request-id
0a5f5a6183000016eef3160000000001
cf-ray
6578c67c0af816ee-FRA
api.js
sharemods.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pyExvTqfhdw3Pob9zIDdZfIBVSCylqvaQ7k%2BATITOpc8jGKpCC%2F3bkfkomtGdueMmtBNC2PP39RCKvpem8Amz%2BhHpDhATLm1mg%2FifYHkhzYJmuhUlC08Fblf"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6578c67ccc1fa8af-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61ff0000a8afab9e8000000001
logo.png
sharemods.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/logo.png
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013aabe6a5fe6bff034c59ef1839ca770ebab2baa66c160efef5331229b98969

Request headers

:path
/images/logo.png
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185212
cf-polished
origSize=3940
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1649
cf-request-id
0a5f5a62010000a8af7f95f000000001
last-modified
Mon, 04 Jan 2021 07:00:33 GMT
server
cloudflare
etag
"5ff2bd11-f64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BpuLg9QloO3WkJBNbBzzYwG%2FkSzcMjX30Dg36GLXoO9Ca5pm69rzGcueTsLNZXQ490V4c%2BUtokEK8Q2Shi4OBhJWcOoew4QRmyxmWanOW%2F%2Bt1JHjVJf2ECgV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6578c67ccc22a8af-CDG
cf-bgj
imgq:100,h2pri
share.js
sharemods.com/js/ 		329 B
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/share.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208

Request headers

:path
/js/share.js
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185212
cf-polished
origSize=354
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61fc0000a8af92b79000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
W/"5f994a07-162"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YxbXRtlmAgAGx7Mx3ZWXjaxAZ1lfUfCOxIPbYq6wpXKqaaYo%2BVLIlxe4onUimCOeYbkMxeFNFJg4%2FleDPQBiHiphrChn26qpGy1coxvAoqVpNM6Y%2Fsog0Vp6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67ccc16a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
countdown.js
sharemods.com/js/ 		484 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/countdown.js?rand=dfgfg
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c8b1ff1f38e8c5e7ad80fc75f225610ec3a9a6d3319516785d79336f82d746

Request headers

:path
/js/countdown.js?rand=dfgfg
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185212
cf-polished
origSize=626
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61fc0000a8af873dc000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
W/"5f994a07-272"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=80exOplUts0aHNADiYnpXys2aREwDzXoT0Ko%2Bhrfy7RW0mUoJE2QYVohek7XdCCr%2Fai1SEhuNa%2B40%2Fe8mG3gibSsMqKK%2FEBobZIRM7jVQVQMazc%2FtlheaSip"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67ccc19a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
ico_down.png
sharemods.com/images/ 		255 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/ico_down.png
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5211a382edbdc5735bcef4a602013024eacec74802285bfe83e19f6b90a7b921

Request headers

:path
/images/ico_down.png
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185212
cf-polished
origSize=381
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
255
cf-request-id
0a5f5a62000000a8af6f3c4000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
"5f994a07-17d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c999E%2FKAlYevKqTQxW0OveLfXua4AzthQDdeHAaKKamt7j2dRoSTnI3TK3m6tG1FTJrLGBiPcb%2BdWIIRFEGznM5BnxJJ570sSCBXsQBYPkKOqYK5AQrJ29aW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6578c67ccc24a8af-CDG
cf-bgj
imgq:100,h2pri
16756
scamblefeedman.com/1clkn/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scamblefeedman.com/1clkn/16756
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
51.68.161.27 , France, ASN16276 (OVH, FR),
Reverse DNS
ip27.ip-51-68-161.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:50:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
bootstrap-select.js
sharemods.com/js/ 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/bootstrap-select.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17a6c7a61593005b4d3f273d3728c956bf8f711bc5acc4205c8350ccb19d102

Request headers

:path
/js/bootstrap-select.js
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185211
cf-polished
origSize=122037
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a61fe0000a8af91b38000000001
last-modified
Fri, 05 Jun 2020 12:06:19 GMT
server
cloudflare
etag
W/"5eda353b-1dcb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QeZ2dEIBxaq%2FOH3R4vlVAkeYtOCy1fkCGhAdoap36V4%2FntoKhkVU1LjBWbrprqZVEioF%2FamD6RyFkiQ%2B9pzItusaktjqythmpCfCWbgLtNreioCGhzkGfICS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67ccc1ba8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
functions.js
sharemods.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/js/functions.js?v=1.21
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0913ffc67cfdfb69fb6db7be06be5445f92be9bdf5de322645778f1ab365f097

Request headers

:path
/js/functions.js?v=1.21
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185212
cf-polished
origSize=1650
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a62040000a8af7283f000000001
last-modified
Wed, 31 Mar 2021 13:59:44 GMT
server
cloudflare
etag
W/"60648050-672"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MZey8QqOskn3K4vCwd1M4vLBuuxoFwKD9DwhSceuSaJJv5nfwK7g5nuf1waALnms8bbOlP%2FpyoFGLKHU4oje49287W2JHe2Wk2ws1FKKK9NdPsLHh059KhNu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6578c67ccc1da8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
user-icon.svg
sharemods.com/images/ 		627 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/user-icon.svg
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.19998
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f7dedcb745dc0bab408500233c46798f7f63a2dd2e38e7a471d0e9903461621

Request headers

:path
/images/user-icon.svg
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/theme-update.css?ver=1.19998
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/theme-update.css?ver=1.19998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185212
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a62050000a8af8080a000000001
last-modified
Thu, 03 Dec 2020 15:49:45 GMT
server
cloudflare
etag
W/"5fc90919-273"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CH4GXT7OvWz9ZmeZNhr0vizoT0hrFfe3KuHbDtR6UaeOR0mDQEDOIAERP0xF0n1rSB5Cenc%2FDPE34%2FUi2QBrVUPVJwuinWPT4EBFhk0PtiV3wD55YCR1ybD7"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
6578c67cdc2fa8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
flags.png
sharemods.com/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/flags.png
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/style.css?ver=1.102
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

:path
/images/flags.png
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/style.css?ver=1.102
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/style.css?ver=1.102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185211
cf-polished
origSize=15180
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15022
cf-request-id
0a5f5a62050000a8afa398a000000001
last-modified
Wed, 28 Oct 2020 10:37:59 GMT
server
cloudflare
etag
"5f994a07-3b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CCW0iEfdQpZcigqEQn6dqzfkBEyQisxcM5dgy%2F4Ysi9rl%2F%2F%2FNbdUjoEc69jUDpwkydBhDfEgpCm8t6ULoAq0BnU6R3a7lVPfPs3zSFKYCVfiJMrhgh0xrkKX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6578c67cdc32a8af-CDG
cf-bgj
imgq:100,h2pri
files-icon.svg
sharemods.com/images/ 		737 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/files-icon.svg
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.19998
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef043ad0f584be24e633c8330573ec63cef28af43f60dd382e489b14bdc17db9

Request headers

:path
/images/files-icon.svg
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/theme-update.css?ver=1.19998
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/theme-update.css?ver=1.19998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
443703
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a62060000a8af898fc000000001
last-modified
Mon, 07 Dec 2020 09:11:37 GMT
server
cloudflare
etag
W/"5fcdf1c9-2e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XkdUCr5mo2mE9Rl3KrKEwg5ts5VdP0cTgcML5wGMFw%2FrZ%2BxOXCrgQzBE%2F6tpGjiOuaNzC9gKqfDZqKAI3MeYB7LhNo4n%2Fh9UhdS2zVe4HaJUgKC9mByDOg8o"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
6578c67cdc33a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
my-files-illustration-image.svg
sharemods.com/images/ 		65 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/my-files-illustration-image.svg
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.19998
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137b7e16607cc0bb3b770b248c263e600e979c12150d221f4687b40f4f08b3e3

Request headers

:path
/images/my-files-illustration-image.svg
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/theme-update.css?ver=1.19998
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/theme-update.css?ver=1.19998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185211
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a62060000a8af97950000000001
last-modified
Tue, 08 Dec 2020 09:34:40 GMT
server
cloudflare
etag
W/"5fcf48b0-1030a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vAGg8X6CoSPEsEl4tLqdLu%2BpRIrevatosrQhkwuEZXfO6v90ZE8doOifM%2F2YKTc9SDeWNJAjUGsS34iweGU%2BfySrNypSBInOJ%2ByWv3HprPXQneSVKgJzL2SN"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
6578c67cdc34a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
my-files-illustration-image-1.svg
sharemods.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/my-files-illustration-image-1.svg
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.19998
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eead1a11f9e744413f227f47ffbb38f0d8ab89473511741ebb4aedec507fc5c

Request headers

:path
/images/my-files-illustration-image-1.svg
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/theme-update.css?ver=1.19998
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/theme-update.css?ver=1.19998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185211
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a62070000a8af7891a000000001
last-modified
Tue, 08 Dec 2020 09:36:04 GMT
server
cloudflare
etag
W/"5fcf4904-9cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cSW2e%2Bn8OMdJol4MUUMn521H1KMDaXMm3OJlFpnVuOc7mUCTVEkcIOHxqrdO2al7hjKnXQD6YI08WqsjXUS2IDloHjtBg1blR%2F9Seejktz5TNZK7QQ66WWsm"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
6578c67cdc35a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
my-files-illustration-image-2.svg
sharemods.com/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/my-files-illustration-image-2.svg
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.19998
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d040ca5b4ddfc7d518c8845a34dd6ae312bbc6221767fdd76738e3a9e2c88cf5

Request headers

:path
/images/my-files-illustration-image-2.svg
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/theme-update.css?ver=1.19998
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/theme-update.css?ver=1.19998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185211
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a620c0000a8af6f3c6000000001
last-modified
Wed, 09 Dec 2020 11:51:36 GMT
server
cloudflare
etag
W/"5fd0ba48-a9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ojWr7yCHezgZDlqX8Bg4r5Lse28nniK3L7BLDkAmzopIrwBRzNiTVrJGcgJX%2B0oTYCZC6Hw%2Fs2LIMUFJij1ug7spz32G5FpKnYqsnutPrptrT2gfVbl7hAzC"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
6578c67cdc36a8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
page-header-bg.png
sharemods.com/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/page-header-bg.png
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.19998
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a493c7b6b2c0149cd999f3d0509d7e3b4880a215a1a8bbcc7a6775aaf2b96c5

Request headers

:path
/images/page-header-bg.png
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/theme-update.css?ver=1.19998
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/theme-update.css?ver=1.19998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185211
cf-polished
origSize=49058
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40465
cf-request-id
0a5f5a62070000a8afa0af9000000001
last-modified
Thu, 03 Dec 2020 06:48:18 GMT
server
cloudflare
etag
"5fc88a32-bfa2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3bY%2FvjXNUgVG8GEcm%2F%2FeUIZpc04Szgo%2B7OF2CyM2E0OQcVIPAleN3E%2BWtYmP2tVzBWRp%2FeqyLfdKbg4oqr6u2Lh1ui%2F%2BgV0yguu1upFHLvRpgWfCjnTsLW9%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6578c67cdc37a8af-CDG
cf-bgj
imgq:100,h2pri
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://sharemods.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:30:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:24 GMT
server
sffe
age
407993
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
expires
Wed, 25 May 2022 21:30:38 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://sharemods.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 09:13:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:31 GMT
server
sffe
age
452203
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38108
x-xss-protection
0
expires
Wed, 25 May 2022 09:13:48 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://sharemods.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
407905
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
pubads_impl_2021052401.js
securepubads.g.doubleclick.net/gpt/ 		309 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 08:37:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110966
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:31 GMT
adx
pubads.g.doubleclick.net/gampad/ 		49 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1622386231857
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8370b98acbf163cc3f265a8029660897137689ab631ff68c02ac9e7e67584fd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15376
x-xss-protection
0
google-lineitem-id
4898432152
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274894658
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
single-file-icon.svg
sharemods.com/images/ 		440 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharemods.com/images/single-file-icon.svg
Requested by
Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.19998
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee9febe9329d861bc8140ec71c25016aacf584caaf64cb280ec0ee6463cf80e

Request headers

:path
/images/single-file-icon.svg
pragma
no-cache
cookie
lang=english; aff=118691
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sharemods.com
referer
https://sharemods.com/css/theme-update.css?ver=1.19998
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sharemods.com/css/theme-update.css?ver=1.19998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185211
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a62380000a8af9c28c000000001
last-modified
Wed, 09 Dec 2020 09:48:34 GMT
server
cloudflare
etag
W/"5fd09d72-1b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u3EZVvZFC9BQfmrFrheA6%2F7RGzoW4IN%2FWKZ1BWJjXEo%2FsvpPUcW9Qun%2Bt0dKX2AgJZJ2tkErPjFkhFaysJYXaEmy37VDSmLIA%2FRBvxwBTVkkcE1t6ZY1D16c"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
6578c67d2c5ea8af-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
adx
pubads.g.doubleclick.net/gampad/ 		42 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/sharemods.com_336x280_2_DFP&sz=336x280&t=Placement_type%3Dserving&1622386231869
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3f2eaed1b4272059b3dad6b2ea036eab5c5da99645977128266fb43c4d255a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13501
x-xss-protection
0
google-lineitem-id
4898437627
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138255452941
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adx
pubads.g.doubleclick.net/gampad/ 		56 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/sharemods.com_728x90_DFP&sz=728x90&t=Placement_type%3Dserving&1622386231870
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
6299eb7d8d1e9a93b0a0cacbcf1d9b54de3064f0a374dec704f72d9ba0ce9071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13028
x-xss-protection
0
google-lineitem-id
5657163034
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344825762
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
falcor.all.min.js
www.premiumvertising.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.premiumvertising.com/falcor.all.min.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3f8c3efc8251c54075ea44d91b1d5e8e65c8187f09f30ac7912ee0ed0426805b

Request headers

Origin
https://sharemods.com
Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1ry/dpdLvt84BAA==
date
Sun, 30 May 2021 14:50:31 GMT
content-encoding
br
server
CDN77-Turbo
link
<https://premiumvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-77-nzt-ray
I3+eM+h4N+E=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
x-77-pop
frankfurtDE
x-cache
HIT
x-age
118455
alt-svc
quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
expires
Sat, 05 Jun 2021 05:56:16 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2174
date
Sun, 30 May 2021 14:14:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 30 May 2021 16:14:17 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://sharemods.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 08:44:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
age
108346
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
expires
Sun, 29 May 2022 08:44:45 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://sharemods.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
407891
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:20 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=408379257&utmhn=sharemods.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloa...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15082559-23&cid=2089567392.1622386232&jid=618620085&_v=5.7.2&z=408379257
35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15082559-23&cid=2089567392.1622386232&jid=618620085&_v=5.7.2&z=408379257
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 30 May 2021 14:50:32 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15082559-23&cid=2089567392.1622386232&jid=618620085&_v=5.7.2&z=408379257
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/sharemods.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 16:30:51 GMT
content-encoding
gzip
server
Server
age
80380
etag
6bda376aea84df42909484ff0d20f22a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
7iV2kGh8hACCLQM7XX9BldZxc25jPH1q
x-amz-cf-id
hmjk4UkCCVy8d7RhOhXtIEAqbSy4SerLZFHLszGQJwYx_e2-Sl9HgQ==
ldt3Y37cfk_190527.js
cloud.setupad.com/postbid/ Frame 5034 		128 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.77.178 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 18:52:04 GMT
content-encoding
gzip
age
590308
alt-svc
clear
content-length
37956
access-control-allow-origin
*
last-modified
Fri, 28 Jun 2019 12:58:40 GMT
server
nginx/1.14.1
etag
W/"5d160f00-1ff27"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 google
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Tue, 22 Jun 2021 18:52:04 GMT
stpd190411.js
cloud.setupad.com/postbid/ Frame 5034 		307 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.setupad.com/postbid/stpd190411.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.77.178 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
9f9246a8abfb71eeaf88c77941974ca157bf4b5ff70c35f18eb04d68517d6369

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:06:17 GMT
content-encoding
gzip
age
17055
alt-svc
clear
content-length
116703
access-control-allow-origin
*
last-modified
Wed, 17 Apr 2019 08:11:33 GMT
server
nginx/1.14.1
etag
W/"5cb6dfb5-4ca63"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 google
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Tue, 29 Jun 2021 10:06:17 GMT
ldt3Y37cfk.js
storage.googleapis.com/setupad/ Frame 2A04 		102 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/setupad/ldt3Y37cfk.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
892c44736d417c860cbcc028d98126d289bae24e867f22c49bbde6c01919feac

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:52:33 GMT
age
3479
x-guploader-uploadid
ABg5-UzZ8yM0V9QjrUx3zgHBzoWFCl5PTIM0hoHUN6O3voH7E6VqxfPnvS3gZhYk1n5y5E38smf-qb6CleQOSeagsbE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104068
last-modified
Thu, 22 Nov 2018 09:34:39 GMT
server
UploadServer
etag
"b08dfab91c3433cde3f17e936899a1d4"
x-goog-hash
crc32c=k7C4lg==, md5=sI36uRw0M83j8X6TaJmh1A==
x-goog-generation
1542879279775996
cache-control
public, max-age=3600
x-goog-stored-content-length
104068
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 30 May 2021 14:52:33 GMT
stpd180803.js
storage.googleapis.com/setupad/ Frame 2A04 		170 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/setupad/stpd180803.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6ac343c12e8bf468701c45f641404e9a266abab6ce0e32a09136364b45a6723b

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:52:33 GMT
age
3479
x-guploader-uploadid
ABg5-UwIUYJbFp6Di4s7JXw7yeMWbVDa4NLQXP8xS_cvyecp80703QaNmgdW3v4n7uXf6_P66qob-EbueMfa45jf-FU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173918
last-modified
Thu, 22 Nov 2018 09:21:19 GMT
server
UploadServer
etag
"952f4ec3c91dbc993528a2f88ec03d6b"
x-goog-hash
crc32c=okYv3A==, md5=lS9Ow8kdvJk1KKL4jsA9aw==
x-goog-generation
1542878479770880
cache-control
public, max-age=3600
x-goog-stored-content-length
173918
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 30 May 2021 14:52:33 GMT
stpd201221.js
stpd.cloud/assets/postbid/ Frame 0869 		668 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
content-md5
Z31KcnNREDgCG5fqQFS/wA==
age
1552
cf-request-id
0a5f5a632800004ab0eeb7e000000001
x-ms-lease-status
unlocked
last-modified
Fri, 28 May 2021 10:22:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kKNZVU028PNvOs3PraVFlkt6korS6Gftf%2FrUe6JTxMnEThVVoJKp6n3Z%2BPC9cEbBwimuWuFDA1fmuvo9RsIibKZOGKguPAkJAPxjm5FKRhr1Mt1zZbEpX8bpPR327sRogYqr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-ms-request-id
b3a56c4c-001e-0051-07ab-53621b000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6578c67eaba74ab0-FRA
result
sharemods.com/cdn-cgi/bm/cv/ 		0
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sharemods.com/cdn-cgi/bm/cv/result?req_id=6578c67a8caf331d
Requested by
Host: sharemods.com
URL: https://sharemods.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.71.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://sharemods.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
lang=english; aff=118691; __utma=94093407.2089567392.1622386232.1622386232.1622386232.1; __utmc=94093407; __utmz=94093407.1622386232.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=94093407.1.10.1622386232
content-length
464
:path
/cdn-cgi/bm/cv/result?req_id=6578c67a8caf331d
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
sharemods.com
referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y2o9QlkWTlo2jIz9qkrcobp5%2FNdcfowK6ImtGessjDmRt9S1ACXTzlJ5H0hbuCbtJgDbM%2F0j9WQu1AYGIgQYyq5fzul2wm8fgw5yodOeizzJvE6k6jnms1Pj"}],"group":"cf-nel","max_age":604800}
set-cookie
__cf_bm=93c2e21bac4885bd226f608f31d7a269657d2545-1622386232-1800-AWcESJVvOOxxVc+OqvxQcPROZ1huHNIEjJnA4falX+4grwE0AkKU8meRY41e+6M8IjuwSQyURicTIFDCIq9jWUnMGEENaomIRyEQ76xC7517CQsjAIociWswI7XhcjtWzz1B23YcWUNuUc4Dojcq1JA=; path=/; expires=Sun, 30-May-21 15:20:32 GMT; domain=.sharemods.com; HttpOnly; Secure; SameSite=None
cf-ray
6578c67edd85a8af-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a63450000a8af873f0000000001
config
c.amazon-adsystem.com/cdn/prod/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&u=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://sharemods.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
KrUO2BxkHlBu1fpDNhfQ-3VIqAApzHkXO9utF-WS_bm-hFwckkHFQw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
75702
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Sat, 29 May 2021 17:50:17 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Xvy_xdaTA5SobtDXMhHoAWFiASfew5LION09wPwB5ffoImzfnH_kEA==
bid
c.amazon-adsystem.com/e/dtb/ 		495 B
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&pid=avwb0yDKRaqUO&cb=0&ws=1600x1200&v=7.65.00&t=500&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22980x200%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F147246189%2Fsharemods.com_980x250%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2Fsharemods.com_336x280_1_new%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2Fsharemods.com_336x280_2_new%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22980x200%22%2C%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2Fsharemods.com_970x250_2%22%7D%5D&cfgv=0&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
efbf441214cccb886930074b00c48304c976334158616d967e7f6d903ffd141f

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sharemods.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
423
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
x-amz-cf-id
dBhBVlAF28cLIhAvW7DOS3UFf-MY2UT9DxdJNFwcpHifNpZJXihmEg==
hb
ice.360yield.com/ Frame 5034 		94 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2223f999f1e39a6d4%22%2C%22version%22%3A%225.1.0-JS-5.3.0%22%2C%22gdpr%22%3A%22BPHBH4xPHBH4xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222fb72c976aca5e%22%2C%22pid%22%3A%221134957%22%2C%22tid%22%3A%224fded816-926a-4d83-b35d-3f0d6c07f267%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%7D%2C%7B%22w%22%3A320%2C%22h%22%3A320%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.228.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-228-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6d9373da79f5a50b5e117118787ad51b73c652aec93d44c2d88d862be1e21dae

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:32 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
94
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cdb
bidder.criteo.com/ Frame 5034 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.11.0-pre&cb=4689381504
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:31 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
hb.php
x.fidelity-media.com/delivery/ Frame 5034 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 5034 		138 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5ad42eaecaf4e258a157490247eac68e859deb39a23c96559af59990ac7af694
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:32 GMT
X-Proxy-Origin
152.89.163.12; 152.89.163.12; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid
0ac121c6-4c2c-456a-94cf-6d3f3d0ec3af
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame 5034
Redirect Chain
  • https://ads.betweendigital.com/adjson?jst=hb&ord=4944473887107674&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=1050865a928dffe&transactionid=4fded816-926a-4d83-b35d-3f0d6c07f267&auctionid=8dd...
  • https://ads.betweendigital.com/adjson?jst=hb&ord=4944473887107674&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=1050865a928dffe&transactionid=4fded816-926a-4d83-b35d-3f0d6c07f267&auctionid=8dd...
2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=4944473887107674&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=1050865a928dffe&transactionid=4fded816-926a-4d83-b35d-3f0d6c07f267&auctionid=8ddc271c-0723-489b-b957-fe9c9a4cd50b&crf=1
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://sharemods.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?jst=hb&ord=4944473887107674&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=1050865a928dffe&transactionid=4fded816-926a-4d83-b35d-3f0d6c07f267&auctionid=8ddc271c-0723-489b-b957-fe9c9a4cd50b&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://sharemods.com
content-length
0
/
adx.adform.net/adx/ Frame 5034 		5 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPTRmZGVkODE2LTkyNmEtNGQ4My1iMzVkLTNmMGQ2YzA3ZjI2Nw%3D%3D&pt=gross&stid=8ddc271c-0723-489b-b957-fe9c9a4cd50b&gdpr=true&gdpr_consent=BPHBH4xPHBH4xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5034 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:32 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 5034 		50 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:32 GMT
X-Proxy-Origin
152.89.163.12; 152.89.163.12; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid
d5e50d78-c713-4ca0-81d2-0b27df2fd882
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ortb
bid.contextweb.com/header/ Frame 5034 		0
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
server
envoy
cwdl
22/110
access-control-allow-origin
https://sharemods.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
cw-server
bid-deployment-7d5885f4c9-qvc84
translator
hbopenbid.pubmatic.com/ Frame 5034 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5034 		312 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=174918&zone_id=845404&size_id=15&alt_size_ids=14%2C16%2C48%2C72&p_pos=unknown&gdpr=1&gdpr_consent=BPHBH4xPHBH4xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rf=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&tk_flint=pbjs_lite_v2.11.0-pre&x_source.tid=4fded816-926a-4d83-b35d-3f0d6c07f267&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.32598663955062146
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
800a4acaf631f74645288fa6b28f0869b952fb258c3d28240a05abdb7dfcd6e8

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
312
Expires
Wed, 17 Sep 1975 21:32:10 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 5034 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a12af3b3e8782c3af3ee41dd885a9ecd9e012712a12539d65dc61d77fa92419f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"887 / 327 of 1000 / last-modified: 1622153417"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21483
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:32 GMT
analytics.js
www.google-analytics.com/ Frame 2A04 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1420
date
Sun, 30 May 2021 14:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sun, 30 May 2021 16:26:52 GMT
hb
ad.360yield.com/ Frame 2A04 		94 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/hb?jsonp={%22bid_request%22:{%22id%22:%2221bd2444f677289%22,%22version%22:%224.2.0-JS-5.1%22,%22gdpr%22:%22BPHBH4xPHBH4xABABBENBR-AAAAeCAMAAUAA0ACAAIAAWgAyABoAEUAJgAUQAtgD9A%22,%22imp%22:[{%22id%22:%222c6fa741d8eaf5%22,%22pid%22:%221134960%22,%22tid%22:%22506d97b6-ae53-431d-96a9-174978d0e6d0%22,%22banner%22:{}}]}}
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.228.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-228-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
50f4dbf081d8f0bb75855f15d99609ba19c0986c2b1081c7f6e42dc3390ed77a

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:32 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
94
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
translator
hbopenbid.pubmatic.com/ Frame 2A04 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 2A04 		137 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
78b166e708ba1fe18605d9c4a91054c9ce4719678ed9a18050f90ba98b6263bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:32 GMT
X-Proxy-Origin
152.89.163.12; 152.89.163.12; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
13f364ea-afda-4fb3-8f92-5c08c2d24027
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2A04 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:32 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb.php
x.fidelity-media.com/delivery/ Frame 2A04 		0
0
cdb
bidder.criteo.com/ Frame 2A04 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=11&wv=1.19.0-pre&cb=57424701917
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sharemods.com
date
Sun, 30 May 2021 14:50:31 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
adjson
ads.betweendigital.com/ Frame 2A04
Redirect Chain
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1616253516849264.2&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=147b13af5c90d61&transactionid=506d97b6-ae53-431d-96a9-174978d0e6d0&auctionid=b...
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1616253516849264.2&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=147b13af5c90d61&transactionid=506d97b6-ae53-431d-96a9-174978d0e6d0&auctionid=b...
2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=1616253516849264.2&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=147b13af5c90d61&transactionid=506d97b6-ae53-431d-96a9-174978d0e6d0&auctionid=be322584-6196-4dfb-b890-40121d2974a8&crf=1
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://sharemods.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?jst=hb&ord=1616253516849264.2&tz=-120&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=147b13af5c90d61&transactionid=506d97b6-ae53-431d-96a9-174978d0e6d0&auctionid=be322584-6196-4dfb-b890-40121d2974a8&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://sharemods.com
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2A04 		312 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=174918&zone_id=845406&size_id=15&alt_size_ids=14%2C16%2C48%2C72&p_pos=unknown&gdpr=1&gdpr_consent=BPHBH4xPHBH4xABABBENBR-AAAAeCAMAAUAA0ACAAIAAWgAyABoAEUAJgAUQAtgD9A&rf=https%3A%2F%2Fsharemods.com%2F&tk_flint=pbjs_lite_v1.19.0-pre&x_source.tid=506d97b6-ae53-431d-96a9-174978d0e6d0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8352408929269528
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7b924a645de8d9cd2b7b3e99e81e9c433c5d0346bb7101240542997f67320b0c

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
312
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 2A04 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OSZ0cmFuc2FjdGlvbklkPTUwNmQ5N2I2LWFlNTMtNDMxZC05NmE5LTE3NDk3OGQwZTZkMA%3D%3D&pt=gross&stid=be322584-6196-4dfb-b890-40121d2974a8&gdpr=true&gdpr_consent=BPHBH4xPHBH4xABABBENBR-AAAAeCAMAAUAA0ACAAIAAWgAyABoAEUAJgAUQAtgD9A&fd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cf074ca9f0435fc4665f4b70acd0780abcbb49fbb92b28a9deb0c3c90f17d328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sharemods.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 2A04 		139 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9488b35b7d7340f90f78b75061dbbc5383840151214206575ba28b07b3d8235b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:32 GMT
X-Proxy-Origin
152.89.163.12; 152.89.163.12; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid
6e8a6a2a-0fc7-4a9a-8d55-90369503ad3c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 2A04 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"887 / 722 of 1000 / last-modified: 1622153345"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21426
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:32 GMT
/
c.adsco.re/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: www.premiumvertising.com
URL: https://www.premiumvertising.com/falcor.all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
5939439
etag
W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6578c67fafa52bca-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a63c600002bca66147000000001
expires
Wed, 30 Jun 2021 14:50:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0869 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 16:30:51 GMT
content-encoding
gzip
server
Server
age
80380
etag
6bda376aea84df42909484ff0d20f22a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
7iV2kGh8hACCLQM7XX9BldZxc25jPH1q
x-amz-cf-id
kQ2eTIWllnyj-GmFAHvUYbB_R1nueAbNRLKYFtxVuQV4ZdCtQyeEow==
gpt.js
www.googletagservices.com/tag/js/ Frame 0869 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"887 / 734 of 1000 / last-modified: 1622153345"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21426
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:32 GMT
usync.html
eus.rubiconproject.com/ Frame 172B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sharemods.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhLqCtgCFRTpP3Ow5zwYWQP2OPQMadZL7lho/RRR2s2jWpYWSoeROXM3r9QV20o10JuQw19gMkasvdREJwzG6qEKVZU6r+VKLeWVv/VO/a+hEPPQ==; khaos=KPBAVGLC-2-AYK5; audit=1|hLZGFuTafB0JBMLQqOUvPMsS4UlirvZrm6GBse4T7TFz08s/NtET14jtAc1VXbW3wFCfoC+4IsXTufzwakb0jXmmVIpu/3iKRw+kioKVzVvfL5d6Oe6oaWPRkwSA1Xoc3H9BDRwItET3eQUKv7y/gMfFeme8N08fRCRn5DZ1gaJGENNIsjyUSQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 May 2021 14:50:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Sun, 30 May 2021 14:50:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
6.adsco.re/ 		0
468 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://sharemods.com
Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://sharemods.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6578c6801cf14e2c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a641200004e2c72002000000001
/
4.adsco.re/ 		0
459 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://sharemods.com
Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:50:32 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 06B0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHO...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHO...
617 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cc6993ee8e2e0361ba9ba1331dae5f1758a93730bfc24f911a0b78ed4e7864ed

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sharemods.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7bjt0mW9k2rmUPb1u_X6go|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

Server
Server
Date
Sun, 30 May 2021 14:50:32 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
495
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A7bjt0mW9k2rmUPb1u_X6go; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:50:32 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 14:50:32 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sun, 30 May 2021 14:50:32 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv&dcc=t
Set-Cookie
ad-id=A7bjt0mW9k2rmUPb1u_X6go|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:50:32 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
pubads_impl_2021052501.js
securepubads.g.doubleclick.net/gpt/ Frame 5034 		310 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 May 2021 08:40:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111175
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:32 GMT
collect
www.google-analytics.com/j/ Frame 2A04 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=improvedigital&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232344&_u=IQBCAEABAAAAAC~&jid=2000790417&gjid=884451333&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&_r=1&_slc=1&z=2001648075
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=pubmatic&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232349&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=1491740095
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=3&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=appnexusAst&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232352&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=1331965356
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=4&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=rtbhouse&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232354&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=989493153
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=5&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=fidelity&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232355&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=578327658
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=6&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=criteo&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232357&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=128159426
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=7&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=between&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232358&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=583791254
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=8&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=rubicon&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232359&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=1867804932
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=9&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=adform&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232360&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=2066793764
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=10&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Requests&el=districtm&ev=1&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232362&_u=IQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=2117376143
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021052401.js
securepubads.g.doubleclick.net/gpt/ Frame 2A04 		309 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 08:37:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110966
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:32 GMT
p
adsco.re/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 30 May 2021 14:50:32 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Allow-Origin
https://sharemods.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/ 		46 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
7ee24ae73b4e25d49767bf09cdb30223aa18780060dbd42f2e29b1eaa04780f0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:50:32 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ 		53 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://sharemods.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6578c6808de29704-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a64510000970454a14000000001
/
aiypwttqfvkp.l4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aiypwttqfvkp.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 30 May 2021 14:50:32 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
aiypwttqfvkp.n4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aiypwttqfvkp.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 30 May 2021 14:50:32 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
aiypwttqfvkp.s4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aiypwttqfvkp.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 30 May 2021 14:50:33 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 65EC 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

:method
GET
:authority
c.adsco.re
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Wed, 30 Jun 2021 14:50:32 GMT
etag
W/"49M/vRKXL5pROhm5uOGH7A=="
cf-cache-status
HIT
age
5939439
cf-request-id
0a5f5a644e00002c22e5b2b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6578c6807d0c2c22-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=11&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Bids&el=adform&ev=12&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232507&_u=KQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=1085412507
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 2A04 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=12&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Bid%20Load%20Time&el=adform&ev=270&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622386232509&_u=KQBCAEABAAAAAC~&jid=&gjid=&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&z=980215954
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 01:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
6.adsco.re/ Frame 65EC 		0
395 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://c.adsco.re
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6578c6813e509704-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a64c2000097043a0c8000000001
/
4.adsco.re/ Frame 65EC 		0
456 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://c.adsco.re
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:50:32 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
pubads_impl_2021052401.js
securepubads.g.doubleclick.net/gpt/ Frame 0869 		309 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 08:37:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110966
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:32 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 0869 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&u=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
access-control-allow-origin
https://sharemods.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
xjJ4BDp3Qaz8m5rA8RuobhX04esXBgfyIExerquBlk6XooQ6pEHkcA==
bid
c.amazon-adsystem.com/e/dtb/ Frame 0869 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&pid=qg8qU40iJRBOR&cb=0&ws=728x150&v=7.65.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2Fsharemods.com_728x90%22%7D%5D&cfgv=0&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sharemods.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
u7IOzvhjtFx-k6GUT03yuGXuChqzX1GSu_eoSmH9iTQTLSogclrwJw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0869 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
75702
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Sat, 29 May 2021 17:50:17 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
SWHqAiKsgDHewm85HkePYb1kCQO0qP1ZAT44EqHrUz533hO8CM-eJw==
usync.js
eus.rubiconproject.com/ Frame 172B 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e717996f5607537ed723a320f33924f674aa6aa1bd768bd0ca0475f964c23757

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:50:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84666
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9266
Expires
Mon, 31 May 2021 14:21:38 GMT
/
c.adsco.re/ Frame 65EC 		35 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
5939439
etag
W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6578c6817f132c22-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f5a64ec00002c22e3053000000001
expires
Wed, 30 Jun 2021 14:50:32 GMT
setuid
prebid-stag.setupad.net/ Frame 172B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KPBAVGLC-2-AYK5
0
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KPBAVGLC-2-AYK5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:32 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QPewfjO0Jke%2B7ajwp6Y00qsy3CQGXponPFPqLQUMMjM4%2B6Qp%2FcOZ8uvEDaGQCxKWwrw4jlYFQtlyGvzDXuAdDHviS%2BrZUSgb4CafJQ%2Bne1ky7JDiOxNVxZpbo%2B0ILIwRPJn67Nw35p44bBPXxxpLsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
6578c681fa4ed6e5-FRA
content-length
0
cf-request-id
0a5f5a653a0000d6e54986a000000001
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KPBAVGLC-2-AYK5
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
/
6.adsco.re/ Frame 65EC 		0
0
/
4.adsco.re/ Frame 65EC 		0
0
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 33F0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b750c54ffcad2d116460bc649eac2f7cf540fcbdcd82db75f4e23ca43e5126a7

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7bjt0mW9k2rmUPb1u_X6go; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&dl=n-smaato_pm-db5_cnv&dcc=t

Response headers

Server
Server
Date
Sun, 30 May 2021 14:50:32 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
722
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
/
s.ad.smaato.net/c/ Frame 33F0 		0
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-42.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
4QfsEKxO1--1q4wGeJwL6MYImrdfvQem5St1X5L7XINMqmpMRaR98Q==
x-cache
LambdaGeneratedResponse from cloudfront
ecm3
s.amazon-adsystem.com/ Frame 017E
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH...
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=ba77962f37212a8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&g...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGoScXHhTjcwNmxBupAAAAAAA&expiration=1622472632&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjg...
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGoScXHhTjcwNmxBupAAAAAAA&expiration=1622472632&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
s.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7bjt0mW9k2rmUPb1u_X6go; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sun, 30 May 2021 14:50:33 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

server
nginx
date
Sun, 30 May 2021 14:50:32 GMT
content-length
0
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGoScXHhTjcwNmxBupAAAAAAA&expiration=1622472632&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 55F1 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Wed, 21 Oct 2020 18:57:29 GMT
etag
"1300708-1f78-5b232eb4914bb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2654
content-type
text/html; charset=UTF-8
cache-control
max-age=27865
expires
Sun, 30 May 2021 22:34:57 GMT
date
Sun, 30 May 2021 14:50:32 GMT
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame 172B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YLOmOAABNRWu-QBg
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLOmOAABNRWu-QBg&_test=YLOmOAABNRWu-QBg
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLOmOAABNRWu-QBg&_test=YLOmOAABNRWu-QBg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622386233.041633,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLOmOAABNRWu-QBg&_test=YLOmOAABNRWu-QBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 172B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Dj2LYutilXjqoQ2oUfSg9w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8899919838657406818
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8899919838657406818
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Sun, 30 May 2021 14:50:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8899919838657406818
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 172B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dbb660b3-a638-4a00-b3c7-499d0e6a383e
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dbb660b3-a638-4a00-b3c7-499d0e6a383e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Date
Sun, 30 May 2021 14:49:59 GMT
Server
MT3 3736 915c305 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dbb660b3-a638-4a00-b3c7-499d0e6a383e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 14:49:58 GMT
v1
ads.yahoo.com/cms/ Frame 172B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBAVGLC-2-AYK5&sigv=1&esig=2~7ad0c9d264c31e0bbcb6bfdba1630be9079cb5a8
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBAVGLC-2-AYK5&sigv=1&esig=2~7ad0c9d264c31e0bbcb6bfdba1630be9079cb5a8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:32 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBAVGLC-2-AYK5&sigv=1&esig=2~7ad0c9d264c31e0bbcb6bfdba1630be9079cb5a8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 172B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 172B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVZHTEMtMi1BWUs1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVZHTEMtMi1BWUs1&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVZHTEMtMi1BWUs1&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVZHTEMtMi1BWUs1&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 172B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBENp4XYObo6XHn66EjFugE&google_cver=1
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBENp4XYObo6XHn66EjFugE&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBENp4XYObo6XHn66EjFugE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 172B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJiZDQwMTBlOWE0YTIzN2FiN2VlZjg1MDgyYWQ4Nzk0ZjU0MGE5Yg
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJiZDQwMTBlOWE0YTIzN2FiN2VlZjg1MDgyYWQ4Nzk0ZjU0MGE5Yg&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJiZDQwMTBlOWE0YTIzN2FiN2VlZjg1MDgyYWQ4Nzk0ZjU0MGE5Yg&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJiZDQwMTBlOWE0YTIzN2FiN2VlZjg1MDgyYWQ4Nzk0ZjU0MGE5Yg&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8F41 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=55956
expires
Mon, 31 May 2021 06:23:08 GMT
date
Sun, 30 May 2021 14:50:32 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 8F41 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87130469&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8b29e595db5287f5525f34f5613613c4a4fc4225d6b2399c1a88f9967a9384fe

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:30 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
p
adsco.re/ 		360 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
23a79a8e0ab3d37387c0bf3a2a32c307d80c32eb3f67523bf68ece4e3d21ea1b

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

AS-P-G
OK
Date
Sun, 30 May 2021 14:50:32 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
https://sharemods.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
Xg.asp
premiumvertising.com/ 		44 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://premiumvertising.com/Xg.asp?_=BAoAYLOmOAFgs6Y4gAGBAsAAIJp5un6rD5mZGDWXaZ3jBWxYroZRZbtrJKdx76Qk9w6JwQBGMEQCIEuMNgSRoF8Ge4XGP8uNrDnGRCN85tvopU0uO7st83lZAiBHsqV_ZsrOuy8Wg9JH2BBpQOS4PB94yK3kAyCTOBtiOcIAIHJgWAvDWjKPCAxdOyzJIWFLgQ8dZWFMLRZrCC6YbailxAAQKgEE-AGSVBQAAAAAAAAAAsUAEDg8p9CkF1Wh3Mj_Sx7QsKbDAEYwRAIgBNbrt1XbFBdPXUasKH27VBK90TQFRBkGtDeyqcfjDtQCIEKzpos5eynv2j38heFuxONvaFEH6LrG-nqtSK7rYXDu&v=4&eqVNUTEC=2143800&minBid=&GewsvUbi=1:1,1:3,0&tcqrUkiW=&FsgqVoQe=&s=1600,1200,1,1600,1200,0
Requested by
Host: www.premiumvertising.com
URL: https://www.premiumvertising.com/falcor.all.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.252.214.11 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 8C58
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 14:50:33 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7292726499205482488; expires=Thu, 29 Jul 2021 14:50:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 30 May 2021 14:50:33 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8EBCA386-0CB0-4BFD-A14D-EA687971208E
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 30 Jun 2021 14:50:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 148A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_5...
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7v...
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=3479142945274795001
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=3479142945274795001
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8EBCA386-0CB0-4BFD-A14D-EA687971208E; chkChromeAb67Sec=1; DPSync3=1622419200%3A174%7C1623542400%3A197_219_201; SyncRTB3=1622937600%3A2_223_15%7C1623542400%3A81_21_166_55_13_161_54_8_71_234_56_7_3_22%7C1623628800%3A35%7C1623196800%3A63%7C1624924800%3A203; KRTBCOOKIE_391=22924-3499700684625337685&KRTB&23263-3499700684625337685; PugT=1622386233; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e&KRTB&16736-uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e&KRTB&23019-uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e&KRTB&23114-uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 14:50:33 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-3479142945274795001; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:50:33 GMT; path=/ PugT=1622386233; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:50:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 28-Aug-2021 14:50:33 GMT; path=/
x-lat
lhrpug020:0:642
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=3479142945274795001
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 0E8D 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 30 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1282
date
Sun, 30 May 2021 14:50:32 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 792D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968095825102829710
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968095825102829710
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968095825102829710
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 14:50:36 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6968095825102829710; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:50:36 GMT; path=/ PugT=1622386236; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:50:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 28-Aug-2021 14:50:36 GMT; path=/
x-lat
lhrpug014:0:595
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 30 May 2021 14:50:36 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6968095825102829710; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968095825102829710
redir
rtb-csync.smartadserver.com/ Frame 3D5F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7P...
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7P...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVEtFN0JaMDBBQURESmJqNG5tUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACTKE7BZ00AADDJbj4nmQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACTKE7BZ00AADDJbj4nmQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 30 May 2021 14:50:40 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Sun, 30 May 2021 14:50:40 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACTKE7BZ00AADDJbj4nmQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 4B78
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AA...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PE...
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=$UID&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=$UID&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_1101=23040-6968095825102829710; PugT=1622386236; PUBMDCID=3; SPugT=1622386235
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 14:50:40 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug008:2:221
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=730f2c1a-c076-4fe7-83ff-6bd9f62a0115; path=/; domain=csync.loopme.me; Expires=Wed, 30-Jun-2021 14:50:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&piggybackCookie=$UID&gdpr=1
content-length
0
date
Sun, 30 May 2021 14:50:40 GMT
server
_
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 629F 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8EBCA386-0CB0-4BFD-A14D-EA687971208E&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7bjt0mW9k2rmUPb1u_X6go; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Sun, 30 May 2021 14:50:33 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jryjhgywS_2hTepoeXEgjg%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jryjhgywS_2hTepoeXEgjg%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:34 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 18:57:29 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-1f78-5b232eb4914bb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=27863
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2654
expires
Sun, 30 May 2021 22:34:57 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dbb660b3-a638-4a00-b3c7-499d0e6a383e
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dbb660b3-a638-4a00-b3c7-499d0e6a383e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 30 May 2021 14:49:59 GMT
Server
MT3 3736 915c305 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dbb660b3-a638-4a00-b3c7-499d0e6a383e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 14:49:58 GMT
mw
mwzeom.zeotap.com/ Frame 8F41
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=8EBCA386-0CB0-4BFD-A14D-EA687971208E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=0d4a86d6-8132-4f12-8a04-8d8eb185b6bc&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=72afa0ff45b94b07c21dde96de74d388
  • https://spl.zeotap.com/?zdid=1332&zcluid=582f84b80193f48b
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ea1fe536-3593-480f-6a98-6fa16249c945&reqId=93d3f4b9-1e61-4116-57a6-af350149e142&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJmGTeHfGOSdNKPoRrlVxoc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ea1fe536-3593-480f-6a98-6fa16249c945&reqId=93d3f4b9-1e61-4116-57a6-af3...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJmGTeHfGOSdNKPoRrlVxoc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ea1fe536-3593-480f-6a98-6fa16249c945&reqId=93d3f4b9-1e61-4116-57a6-af350149e142&zcluid=582f84b80193f48b&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6578c6b31e8e63e9-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a5f5a83f1000063e9e29e7000000001

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJmGTeHfGOSdNKPoRrlVxoc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ea1fe536-3593-480f-6a98-6fa16249c945&reqId=93d3f4b9-1e61-4116-57a6-af350149e142&zcluid=582f84b80193f48b&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3499700684625337685
42 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3499700684625337685
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:557
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3499700684625337685
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_...
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:806
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 30 May 2021 14:49:59 GMT
Server
MT3 3736 915c305 master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dbb660b3-a638-4a00-b3c7-499d0e6a383e&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 14:49:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQF...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQF...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e6c2e51-80d8-4ca2-8c7d-01a8b6da202f
42 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e6c2e51-80d8-4ca2-8c7d-01a8b6da202f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:455
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e6c2e51-80d8-4ca2-8c7d-01a8b6da202f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
pixel
cm.g.doubleclick.net/ Frame 8F41 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D1%26gdpr_consent%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4341105458209089406&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_...
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4341105458209089406&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:462
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:33 GMT
X-Proxy-Origin
152.89.163.12; 152.89.163.12; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid
020111e8-4085-4c81-813a-65e3f6669398
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4341105458209089406&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8EBCA386-0CB0-4BFD-A14D-EA687971208E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8F41 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8EBCA386-0CB0-4BFD-A14D-EA687971208E?gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&redir=true&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20z...
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oOzqlu9E2uVY8YELG0IPmQE80jnkuAc-~A&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Ny...
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oOzqlu9E2uVY8YELG0IPmQE80jnkuAc-~A&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 30 May 2021 14:50:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oOzqlu9E2uVY8YELG0IPmQE80jnkuAc-~A&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHc...
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PE...
42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SwwUVhwKRVxQDBNQHl1bBk0JQVdQXRMEHgtMzDY7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:505
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SwwUVhwKRVxQDBNQHl1bBk0JQVdQXRMEHgtMzDY7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7P...
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f753a3c9-4344-4b89-8821-132f8f8a868e&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=712cbcba-5622-4597-8511-d26fa4132945&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=712cbcba-5622-4597-8511-d26fa4132945&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:493
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=712cbcba-5622-4597-8511-d26fa4132945&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOmOAABNRWu-QBg&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39...
1 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOmOAABNRWu-QBg&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:436
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1622386233.041609,VS0,VE90
x-served-by
cache-hhn4054-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOmOAABNRWu-QBg&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGH...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550270534800263309&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_A...
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550270534800263309&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:564
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550270534800263309&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&us_privacy=
pragma
no-cache
date
Sun, 30 May 2021 14:50:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CPHBH4wP...
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52eb1415-b03a-4511-800a-d7aaa2e2140d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52eb1415-b03a-4511-800a-d7aaa2e2140d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:600
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52eb1415-b03a-4511-800a-d7aaa2e2140d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 30 May 2021 14:50:33 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9...
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6646e06b1b3212ae&is_secure=true&networkId=17100&version=1&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&gdpr=1&gdpr_consent=CPHBH4wPHBH...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGopLjXs9d9wNG8UCWAAAAAAA&expiration=1622472633&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&...
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGopLjXs9d9wNG8UCWAAAAAAA&expiration=1622472633&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:398
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGopLjXs9d9wNG8UCWAAAAAAA&expiration=1622472633&nuid=8EBCA386-0CB0-4BFD-A14D-EA687971208E&is_secure=true&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&gdpr=1
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 8F41
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPs...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:407
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmatic
um.simpli.fi/ Frame 8F41 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 29 May 2021 14:50:33 GMT
integrator.js
adservice.google.de/adsid/ Frame 5034 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sharemods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5034 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sharemods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5034 		54 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4277451294619544&correlator=3818311283416334&output=ldjh&impl=fifs&eid=31061277%2C31061299%2C31060991&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=147246189%2Csharemods.com_336x280_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C300x300%7C336x280%7C320x320&eri=5&cookie_enabled=1&cdm=sharemods.com&bc=31&abxe=1&dt=1622386233256&dlt=1622386231952&idt=582&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=150&oid=3&adxs=310&adys=479&adks=3671501286&ucis=2q64asrnusgz&ifi=1&ifk=3542207677&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=sharemods.com&loc=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&top=sharemods.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x150&msz=336x0&ga_vid=2089567392.1622386232&ga_sid=1622386232&ga_hid=137534273&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
b16173a92ddc1ce22a84de5dcf5c54f666db617ea40690f02ea130bd4941be96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14612
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5034 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 5034 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 2A04 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sharemods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2A04 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sharemods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2A04 		58 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3706316484090949&correlator=3170290608026508&output=ldjh&impl=fifs&eid=31060783%2C31061223%2C31060997%2C31060840%2C44743002&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=147246189%2Csharemods.com_336x280_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C300x300%7C336x280%7C320x320&eri=5&cookie_enabled=1&cdm=sharemods.com&bc=31&abxe=1&dt=1622386233277&dlt=1622386231955&idt=590&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=150&oid=3&adxs=1011&adys=479&adks=3427453152&ucis=domt63moqhf7&ifi=1&ifk=3542207677&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=sharemods.com&loc=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&top=sharemods.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x150&msz=336x0&ga_vid=2089567392.1622386232&ga_sid=1622386232&ga_hid=1096526499&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
617ce35c83a9d492d63e919ed9c390a694727142620fe566a57a582416ca4c58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13948
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sharemods.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af7c1046fdbec46d647d764e227e4fbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A04 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://af7c1046fdbec46d647d764e227e4fbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A04 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 0869 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sharemods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0869 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sharemods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0869 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=865751947611522&correlator=985737931018352&output=ldjh&impl=fifs&eid=31061143%2C31061166%2C21066612%2C44743689&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=147246189%2Csharemods.com_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=amznbid%3D2%26amznp%3D2&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=sharemods.com&bc=31&abxe=1&dt=1622386233316&dlt=1622386232050&idt=521&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=800&adys=775&adks=2551612150&ucis=gam5cgnteoow&ifi=1&ifk=2792672491&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=sharemods.com&loc=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&top=sharemods.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=2089567392.1622386232&ga_sid=1622386232&ga_hid=1882686138&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8bd7d6a590b4fc790067d3939b84961c44206ead0f65198086464ff761cbec21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7183
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0869 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 0869 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012104130153000/ Frame 7E19 		192 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
95592
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55414
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"806d9da51f0ab461"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 7E19 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
95594
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 7E19 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
95594
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 7E19 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
95594
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 7E19 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
95593
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:20 GMT
css
fonts.googleapis.com/ Frame 7E19 		2 KB
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e74a4ef70abf935fa8800498b5d751663e3511bbee1e3f21d0e445f7883e437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 13:38:24 GMT
server
ESF
date
Sun, 30 May 2021 14:50:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:50:33 GMT
truncated
/ Frame 7E19 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
584dd37b8f51799136b585029c8e8058003d79509c60764cd8764b0b5fdc29c8

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
9766188143108128655
s0.2mdn.net/simgad/ Frame 7E19 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9766188143108128655
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
167b2698ac1881db9db3e3d03f397462d249b283f64c29126f4bfa4e195a6c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:47 GMT
x-content-type-options
nosniff
age
17206
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98241
x-xss-protection
0
last-modified
Thu, 26 Nov 2020 13:44:30 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 10:03:47 GMT
1002016824953198123
s0.2mdn.net/simgad/ Frame 7E19 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1002016824953198123
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:35:32 GMT
x-content-type-options
nosniff
age
256501
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6944
x-xss-protection
0
last-modified
Mon, 23 Mar 2020 15:00:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 15:35:32 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7E19 		42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUkDTycnr3VknkIU5Qo2YXhXsXkWHz_pes3dxKsyWmjOiHFbvvs2g_VlMKbEpsfCW2hZFW918JjXeKUnoGKqeAPak2EDk6NJ1M8d7eFrifVVTeyH0PJ0Aemy-UY-84hDY1ckjwybdc20QE9pu05Q7vDlxv6w&dbm_d=AKAmf-B8zcjnGZCbip7UEIc4XFgPE8Fvhozq-OXPt9NTDPHJmn4rr8sjsU0WLTcuUKe3n2E5I-EU_ofk_hgH5CAVsnxSSoD5k2Hlk-s4PtX7nEonW5y-a_vm6ro3xhSum1bcxev3_1ppyP4vahkOfeU_Ou8NxTiQZUL17SbuVpShZ-eEfCeyRqSiOZKQ8HbTemM6hVnxzg9tnCmS81fEnKuIh0HoXNhUJyYIXavlsBrAPFWv0On9voRhLCNqRRWF57XT7Z5cwKtlrhEn5msGlnSUv3AM_nZpuqT00PBxY_AgXPgjVNk80Ry4zoE8iYoFRLhlQwfCAglEojCYguFjqmfsyOlMhJvbB3zepb6wq5ChXVHqiHsVzEo5ynKj_dVyVtghwiPENEvmkx5NB1Z-HtjSOSfYVn35aTQ064-LyQJmTJh0kEmXYyEWletlHgAKQ2lM-dLW1k5nXQJ2_nhtCXmHdJSTnVJZ939w4wTsxkS0b80UzcMyvc1B0KCS-QvKLzjZNbz0hQbFoFnmijGyZ_bKj52estsp6Cq35_p4VmFgTnKyuvQ-r7q2sQ7M1_cVAVyByx6QQ-HBlTTJmaiHCZdnFHk4FNnCSyP1VJGDcr6lFFmXtiljoJvDtEw-pAN5iLPMDGwbbedidh25ih9-4IAhK4xff00nztILAwNR3k7drvNSvR-21w-gWcaNRtpAupytmm1D74OGoT6RUGGVqbHm5zw_2sblQp9qxd0652SJCLz-GA-ZZXtEvGZxqXn9O4ZfP23-OvH2BRgHWZdKu8r_Wn_6Ga8nBx-9_liyZTem8rIopzwnwaj5H3Lf3cA91s0IRqpS2QXLTls270grUjar6wo0wvsgs8HZ2XgNjQgScltM2U6UYPFnnBRHrECsjTwSFjJwpnN9desvv4fR-jR9TR6avKnHJ1Fbo7ajIJWCrKhRUP_pkJ2shTezvBSIqbm5AFWlgCd1fV2k9DAWeVatbCT4XJH7UsJefkDsrN6Ij3auvnz6X2-BAj5B3ymEUfa9cleUfjBRgqWDI1ptn_CooFgpwQUUPl1N3Dxm0iv2ju23p0HiB0T-BMEQ6QUph0Nv6ocpxMn7DbesB_C8hpsYK2_02a8ckwTixsF24eBlmW34ALyj3XrMFxreImlimD0oktW-54jy49qbs8qnUbIGu5L-4PTk3kyh71hQkCOVW0OKw_8N0mJ5WhT54Opbh2CWBl9VDaVu8EJVD1NSSPbOdn3gkRCkl2r0WUzDylfxnkOA8fmzl0LfZBHqxUKy35inkO8qKIR73ZeCT1BL76e2dPnl_01mlghJkcfOLArfgVwf0UESLsCFJTKaMNEJBaJxIPy1EKez7nF4p_fXabFfueeVx0PNl7oDIFc3341G7wfcEoXkVz5MJKaEcM3zMoPEhGP3a9xLuFALFR5CiSLGgbLVrrSGhmiYVm__YDLs-wfYnn_zzqYYp4XPAQ2D6vTNN7do-XqIc-psPOGZubBGLBcUlYY_LaCQ2fiayCJLHBR-FCddZeHRAaX_gw_UAoHLQB5S58q64jX0NF5UqwV2Uet8nCyc37VVRwcw3A-y7nTd8MJxerIZbm-iAyhDjTZRm1Tdx0j-QCB9mdw6ghc03WY04dXNgO5eKn_gVmnDZDiPyLwvFAcc9vZ7yHic5e4feyvUJVdU5ayZMD_in8BKaeUqzS0eudct7PxabtNJEGHjiYzPnmMjO56Z7TZW3Fpvs-rVBya54Wht2kv6ZDY9i8iV7P7DNC7VouAwjm7ZemTVymfLLAd_TWA1IasAoC83ZQoTZ1CjVnrIUnASVh2l-GZtFbDqA2eFf1SjV2Y0L8chzV8cotE5kbjmup3lfj1TXLi3s5U0VX2Le2QIG-PTyAatnHS3YWEBLtDPNY3Tk6FTbBtrBQYXd-BQK2Ij3xJkGYPH0hKYQpc2k-tYOPoRSmM4BEaD92tQ1uLvmyTBhlQuQVjutOdF8zIgNC-zYa6AgS3EROp-NfYdhg_gNmh5beih7lqYYZ9UWE1R6x8BqGNCKy-cLcjz_FZAC8ZIJKZqcxn1mea-T_wc8fwTXuTCfvPCUHTi2IZiHcSDGM6b14Ug-OhJQsiM6BLFAWZVtF9RQuUnvrlmvcWEAzkMLksdag_Y0RwD0IKwuF1npLt6oKi3Q7w8Ut9rX5j-pOc-cerQ2J6oG6vMSktQmmD-1qgQZ4qLA_oTS_xqob0pekASh9Ui3iAFnAGOpzCSDfmhn0agKkSswVyFvjCEZvTFSYY7O_DL_etJ08mbWNwYn-jUQC5XEig_UD7ddTvzI_EpUcqVtM0L26m9gRL_BwQDHWAdcDlM-2fq-d5Q9ykbcmVygI-AJ4Sj_2Tn2P0QJYWcPUguhujDWnd0ur2KiTByrD06lKv6W1tQZ2mVHgfL4ffSXvT3D_TFhVFIXKGdrTAa1lFLDMx-WzyE8ra-mSJXwrciF7IZ6b3MiTUsdkYAzY6ZQwYYLbhBEXtxA12Z2PZkBaI-6iAukr9s-UuQosVjRkUhMGynoVupb3SHmNGWWYvCzTVYBIxIn56jycGyDgfNE3NGCWyab1NPae6yOL4e7_i3wieRfSLStep2bMKNjAwKcx2IwAKKRQLbX3wlCRBltTU-cXc-IXfXmjWaM5Lw9EIEk8EmVDY1tXQmZdhAV6ANRlxfYj-pC9pw5tWzqNR_1aH6MQwg4lTvC5OYE_T6TEgq-gXnWUfpEfSVpA7Q7ZNESR5Ez7Q_35lTP5IYv-Aa55GPjb5O25BtyrITsvhW-y_3sYPzy5JC1oGLzXDccOa_qP7GPs3n5KEBSa_9ewf37hzX692VAU1tCspM_w9C1oHfV2SrBcokffgAwD3re6ECGoXbKk6PpLp9-4wm1fON3kgHmiwanOKiiAjYznw3Lan_Hi348fI5_DFvY4nfefKRwlhpK5pZEg0&cid=CAASPeRoj2gxALQOLFcp2YMhqvtIqczllzuzUKT62sdBvcX2v2aLY5KEbXuqwI07aFDK76luyB4voLziVVBbDV4
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postview.gif
portal.blau.de/nws/img/ Frame 7E19
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=dbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=dbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021053016503350887313917X117667V1225131106MSdbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20210530165033508873139...
43 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021053016503350887313917X117667V1225131106MSdbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view&wfid=117667
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.236 Giessen, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:50:35 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sun, 30 May 2021 14:50:35 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021053016503350887313917X117667V1225131106MSdbmnat_Pros_iPhone12_Mini_WKZ_rect_desk_view&wfid=117667
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
adview
securepubads.g.doubleclick.net/pagead/ Frame 7E19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CB0d6OaazYNbYE6mDjuwPpP-B-Aq_3KTqYd6_mfPODPAuEAEgjeS9KWCV-vCBjAfIAQapAtrap-B8dLQ-qAMByAMKqgS4AU_QM2OORyFlc4Su0IbUotG8eL2e6xeZlBUs7u7SgC6J06vUnWTJ0yPaaNBOgdwlGAMCU62zxVqTA9sVdZQxmagKQGtuWK4Aw58CdIJoxfmpxQmSzXML1-hmWL1IXGYa8NGLiEnaz0jO-77IUhSEF5Tvck6CvxAlBemvcIDedBTI6Crs6yR9p7oY7QNckMFpQRQBIybmsHuE7hcNr7th0AKestg6f5RqDI_XWNMYdimwlYgDIJh-zDjABLPr74izA-AEA4gFmqGp1SuSBQYIAxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB_m_mGKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAfIHChCqyw0Y9vimlwHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTE3OTM5MjE0MzU1NTQ5MTmACgPICwGwE5HB5ArIE6LalQnQEwDYEwOIFAHYFAHQFQGAFwGyFxoKGAgAEhRwdWItNzM4MzE3MTgzMDYxNDIxNg&sigh=L24Eomml8ps&cid=CAQSPgCNIrLMj_VA0Xl7TBS6dQCvTLhPz9wnfaXPhlEKLDZVVaEuECIKrs2EglOhl8UXeCdgRNSkZstR753BJ9ve&template_id=509&vt=10
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 7E19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRaVlSwSi4RiPHcxirWE-aH4OfntI2XKlSp5LiziMjOHhdbPam_Cdf28CiHwrWGuFov1nB
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7E19 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
819
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 31 May 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7E19 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 29 May 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
59608
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 30 May 2021 22:17:05 GMT
node.php
node.setupad.com/node/ Frame 2A04 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2A04 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b1a094c624551abde00caa18c7b539080c5b12e1d3a955d8ae1bd945f03a5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7696
x-xss-protection
0
container.html
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 49C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 14:50:33 GMT
expires
Mon, 30 May 2022 14:50:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0869 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0869 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
038cc2bf843d0f4ecf44c6c8481c572c1db3e9c0b6e5701022e046feffd50d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8146
x-xss-protection
0
container.html
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5346 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 14:50:33 GMT
expires
Mon, 30 May 2022 14:50:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
node.php
node.setupad.com/node/ Frame 5034 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5034 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5034 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
967bdd426a54f8632ab07d30fed923bfc3dd170ed506d3e9a20606f7d916aaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7763
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2A04 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0869 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5034 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:33 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7E19
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 May 2021 14:50:33 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 71BA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 14:47:16 GMT
expires
Mon, 30 May 2022 14:47:16 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7E27 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
770b21ee3b0bb5a7e90aeebe5aac8ab837cd7541e800c8da235d1843ddd88ecb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VZw1l3IrhXYVfNLIs49pJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

expires
Sun, 30 May 2021 14:50:33 GMT
date
Sun, 30 May 2021 14:50:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VZw1l3IrhXYVfNLIs49pJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1D97 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 14:47:16 GMT
expires
Mon, 30 May 2022 14:47:16 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 21FC 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
35e40df86add60d04e52922dfb73b3ba8483cd03f8283d08de7bce55cffc3032
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3iGyTc+GwdOAs3BQ7ROlLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

expires
Sun, 30 May 2021 14:50:33 GMT
date
Sun, 30 May 2021 14:50:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-3iGyTc+GwdOAs3BQ7ROlLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 5346 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:49:26 GMT
css
fonts.googleapis.com/ Frame 5346 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 13:27:33 GMT
server
ESF
date
Sun, 30 May 2021 14:50:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:50:33 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/ Frame 5346 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.css
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 13:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92163
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 26 May 2021 15:26:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 13:14:30 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/ Frame 5346 		352 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c1928faa8d6d02957353b3d37ef93f1807b952d66f209b3ca5a7da823cd487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 16:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125173
x-xss-protection
0
last-modified
Wed, 26 May 2021 15:26:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 16:18:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 5346 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:50:23 GMT
l
www.google.com/ads/measurement/ Frame 5346 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrWZjpfn6yFPaP3bxWbhsWJluvoU46gQIRjjfG1vM1-zB2HrqQ1UC-1h0f1xFPS6W_TDbxUHJ4yuhtRlRZ03BcrvCfnw
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6D45 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUduT-z6C5qXlFfZRVz10tuLWfD_B_vH1464B-NJ_CacUPd8mYRXT1feEt-aQEzMKO_WTVYyYgKkpjVzhdz0U6fF3xC6lGp9HGcxZGD2XaFYuUiJYqMgTw1TR9sIKvjnuqXs8yMBqm7ECA798-3gl9qdQdWqybPlEXc2DFhQXT3dPoTOO0K0xFUUglYdDcciCsNkqMiC_YV51ibw5pvQh_NAgf0rw
Requested by
Host: 83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
URL: https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUduT-z6C5qXlFfZRVz10tuLWfD_B_vH1464B-NJ_CacUPd8mYRXT1feEt-aQEzMKO_WTVYyYgKkpjVzhdz0U6fF3xC6lGp9HGcxZGD2XaFYuUiJYqMgTw1TR9sIKvjnuqXs8yMBqm7ECA798-3gl9qdQdWqybPlEXc2DFhQXT3dPoTOO0K0xFUUglYdDcciCsNkqMiC_YV51ibw5pvQh_NAgf0rw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmMo-qUKnWgXc5gw9OGkkiTfpOiOjWqoXDLnEXchmzXMuONqwmKnzLByLJTEis
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 May 2021 14:50:33 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 49C9 		39 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0nhbupPZF4QbHsYREOnAgjQqNpx52dVOR3VGg1Qc8g92cHyK6xYj9eFdSJOO7OLFOebwyKw6-ybMORFKCstBuRB-jyN_AfMpQecwvsncSHQUYImEXXufbicBJoZO1FyDg2R5hWCaiEPkaASoicUqnXb8_fw&dbm_d=AKAmf-AiF8ziJHckczzkaiN2-4L7YpbnQtWUNYIw9zVgNnwMsmED9zWUFAvVLQu9DItiXMnveZ0mxaZVkm3ZBiFQuLQEtgg32hd7Qq4L_f-0uPjGf6AXf31Pvn-Ukc7RjRsXUUL7G8_cSEeUb0EFGK-2uBHD4JjrG9YH1d47HR6avQz4uJFtxnW8VU4Hmq8JUgKTtdOQSEz1wRzX_6743u2Q968WHq_Ddw7t3pesbTzumlRBt3sV7sJF77OA7vCa5qTI2yL6VGgX_7Y3YHx1wolFgl6eKISxMj9yhV3880ZwziveAZjL0n2ZjqfPI0-oS2mav4OEPJatjFjCEhCdQIpTpLygaLK1rNSkPwFlvHetBIvZlYW3weVkbl0vFDL3bgxo2pFKegc1vvY1VpbCjETNjIwgIMS5wo-M6jWQJ-YthDfYKNsixvA2wsBjX35wmdJHgUD0xN0mcHxKMq9fAw4mmHfqq4jMg6ku1Dli8BW35zsF1nyBEUBd-7f7dFX1nFhg9-vwC9pT6CDvwfxpNMpKlDOhez2qtBuFawz1Pdpy1KMcTTCwEMXUuEZVfq_qefY7ZL-qoYfJRHk7WfnCAmnqwXiygYH0ygGNkPL0qx6TVFCpW4KeWR46e8QkUGbJykXi_dxSf5OSgycd6_GhLKWVfvtZb6g6YftCl8pMSr2ILvq4q1CRjnM8mphL7QGViIEush3X2tuX38dp8aWLKbyAnInut4zqSrnwC-HFkZH4vVf7tCUb81sz1u32Hf6xtb-fQejwHB6W_uJkbe5FYo9dYg9K9qGNPz7xXuuIlxkxv0xpamjIYcdEHM6kBRRplNV7rzLURizs53zO899O2oFM9Fz0kXFFrZTQj6U7um7AVYywDEXDY4dbwWpHh5ZFX_TGhzUMvz6G0623AqqpNig4hjLR5zvGMO0cGEjyM5yb-7HXCYabVky7JrfgV4YHO7ZzaFx-LL6MzJec__ZGNd5asxMDplrxZldDTSgChVDGjdVQ2Ryck0pcPrIqG4svGa2FV8eWS5BRXiFw_V4ImDaXS3kJVG9MpcvebzkpMimKw5PFOEY8I7tFWjLb47eP1yJx3OeFFGmz8Sq5HBhGW7xbEkSd2OYtWczlPYTOWVj8dDnYUp8JIpsk7sIXufKCCcZL6B1owGg1vwS-I6UHiGT6aGkL7OzFAmrSmvqTt3Ofk5evJIj3cm6pQ4k_YITZ7Bcuiz4XEZNmK-h4RGUpt12L7KcZFGt8qb1PzdaN49RKHTDA97W6ZztsguKKG4KAvKQYci9DAeuXvzhsikknigNGYwiiz34xkupa-lksnhO1OsYx1PTVtZuQsYfXjsLVQCv66I2E2rxv9-EzsfQ-03syErI_Lrv75oKh8abKN3JnIK9jWkCichjGaXylaj-Hzds51c5bTK_ew3fyDoH7M7lR8GF1kvPTWY83nsoLZQRp1bPvmPhDTLmvCE8d1SDW9O9H6Z1AzgUDojR_3s9GljSnsIBJGYvq0aG7buw5za1iAVkrQoazo3o8_8sM70kqIhEy_3IfKz6CDXNZEXEBk0V45H57pSgUiokSCdV3L14Jze8uwJTf4vfbsHjKTSeh5DstkhjWkqLoYc994yFHFR6T2pE6nVLrfUL0XBnataHvDpCsFXDp4ZEU9TjqtsK2ULkuqYl0ylwujer4OMI02q5dV6MUqpWKEbiZIad3Y41i5pzVhs_gastPk1hziULIEvW5zRzK38gXprSzZcPsO0XBDbM5SsxsmNZZGmRVOaIcg7VSrF_5KSxKgP6Nlzofb1UXsvSZvJQI61U_vF9FFaSfBtmftr_ZYBnuaFMlvNzl9Wt5kD6kMUhr5B4Ri9WWz4__EmD9h7n4Wcwx7IVgSXu7_0HfcEykd_zAyMm2BsX-zV9PrZMgUuKwte5bdWQq7IA_J5YFgU8vtCcODqTYHkkx4DZW4J8AIYpKoIFiVYAPzXd9naAgkezqvBIK5YomCNms70IGCeIHPHO0zcqshgY0r6l1Hps_KfBf5n4onVYXl560AYATtgM30E1ERuv831qZYSGtRW7Jku8wACuDAt-Dw-bi0iJiyO84b57NxRiH62l5lnLBa1SKQFIozsW8WyBIgF3Ro6zmckFE8I-f970obdZ-UauB-oB-FwZx2eJfbCdwHShKtaklt0ev_XRBW7qI-O2Ka5ltWb_jWm7X_X0OYuFxc8dI3h3qty4pV3qbgmXjd9_DhkePf30QIbJD27AEgEuldeJM38xtAJV1a3STqc0x8Y1DIMjW4zYIPweQuVbRyIVRqzpyRQ5N599rsHr98sW6N6eCYP5gmD0J1IEw4WitG5n-OkhNsk2yccJeS1T26bsR4CnhMSm18wxPhMgbZKlX9RdXYwismlUBKzyM9Y3Mmy-cvjs5CEjWSDAOaXOlgfON6iCUNr9ti8ixcgx__43BnN5y_zIIGT7bZhxNaDxUW89YClKcxvGVDHjYRE00Yd6D0xpYVSlX-06u06KlXWIVG8gJMYcdo-Fh9TnN9PaILIsr-IHfoKfohp7AuWpDB8k1Y6vuBiDYuWt6mvo8wfdt52domGyyCSJiQ8RlV6O9gw2MN2mWG8Ic632Ep5zr5-7fRXMFqAptqLQ8lpBnRj2nwb6FZAy6UwT-FsTGpr_JqNDhajkF5cWhJUkL7NtyWFcjdfa6y1cSF12ZDhn8Z0tSQT5Zeaui-TyFsvWvj8zD7jbEE_3bHcVXE8rLcN2NhxJJfn6vlskVc0AEP0e4pEsLjkw-rqPVA4gz8wIaYvJej0TvBPdKT9-MKsfk5j5V9nGxdNOsE7fUdRaykTZvw0Lzv8LnZoviEJvw9iUv-6mhJA1Eh1w0_YBjrA48TSDY8bOwIlgnvXEeSPqgM-aCiFMtkuTXWBAjW_LTXxBbKbQZTUQxy58V20bKXKOoIDTfY1XsohYvtKrTWG8r6Pd7Ogyr47-UCfJGh3bC-a-K-RvJrh1khMpr3itS0kO5MkoMMrDDGEt4yDiSdlZg0Le_TPjd4gZtQqaTyNN43XjeOmgRkCz4_Q&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&rfl=3%2Chttps%253A%252F%252Fsharemods.com%242%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8db1dbfafdfea470f83859294fc78c09ab8b32aa4eae86e2af19311a809c9acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19483
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DiXLOKWFC28LTndzu8jRWbcM0WG8fbfVJqv1jKt8kkUeBw-b4Oq6zVlLH_Mh0_YPpnH7ptuiuZME1bmChLDYvx0LE2E7GpLc0JlIzBJ-ad0HSxFG8
Requested by
Host: 83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
URL: https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 49C9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: 83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
URL: https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:49:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 49C9 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
URL: https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:50:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 49C9 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
URL: https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:50:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 16BA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 14:47:16 GMT
expires
Mon, 30 May 2022 14:47:16 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5509 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
242c12a17725a15567d8a908913f1634e708e0ae8c4e5a1e40db1e50e2a43253
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ukCGzxiPZvIc5RVF+DwyPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

expires
Sun, 30 May 2021 14:50:33 GMT
date
Sun, 30 May 2021 14:50:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ukCGzxiPZvIc5RVF+DwyPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 5346 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kpbavhwx&c=7524307876150&slotId=3762153938075&qqid=CN-m_9jT8fACFYrKdwod5ycA2g&fb=outstream-lima&sei=44719216%2C44729911%2C44730425%2C44730426%2C44730769&nsei=44714510%2C75259405%2C75259407%2C75259408%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5346 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
256504
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 27 May 2022 15:35:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5346 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
306421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 27 May 2022 01:43:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5346 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CJ8ZKOaazYJ-mEoqV3wPnz4DQDdOuu_ViipGc7o0OrL-i0OQCEAEgjeS9KWCV-vCBjAegAZux9pMCyAEFqQLa2qfgfHS0PqgDAcgDmwSqBMMBT9Bs3bIgv0Ki9KPkA0UJaAhsEpPM3D9S5Hay55J6PSLR9SEZuKuPkN7g6VIra11zCjkA2V81iBudiQo4TukARxBPUoBu8_aOmua4wz8xRkMbOFGG9q-pqOCMMJR_WeLtFdUShxCVzMg67eg1rIw1kHt73pX6vZgdw5pNUbm_W-GgXjODOlaAwjDpJRyY_RVSpEXmXW8cSctrku8ffflPN_qoMd7VzyE-Kr6Z6UV9avyue48l53xjwGWvl8x-yhuzNSTvwASL6aLFrAPgBAOQBgGgBk6AB83OiewBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBPo6dIL0BMA2BMNiBQC2BQB0BUBgBcB&eventType=clickstring&clientTime=1622386233975&ai=CJ8ZKOaazYJ-mEoqV3wPnz4DQDdOuu_ViipGc7o0OrL-i0OQCEAEgjeS9KWCV-vCBjAegAZux9pMCyAEFqQLa2qfgfHS0PqgDAcgDmwSqBMMBT9Bs3bIgv0Ki9KPkA0UJaAhsEpPM3D9S5Hay55J6PSLR9SEZuKuPkN7g6VIra11zCjkA2V81iBudiQo4TukARxBPUoBu8_aOmua4wz8xRkMbOFGG9q-pqOCMMJR_WeLtFdUShxCVzMg67eg1rIw1kHt73pX6vZgdw5pNUbm_W-GgXjODOlaAwjDpJRyY_RVSpEXmXW8cSctrku8ffflPN_qoMd7VzyE-Kr6Z6UV9avyue48l53xjwGWvl8x-yhuzNSTvwASL6aLFrAPgBAOQBgGgBk6AB83OiewBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBPo6dIL0BMA2BMNiBQC2BQB0BUBgBcB
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 5346 		26 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BRB65PFnQuBeAuWTSzmF-zxj3tKcLMU53VRO0BsL574j70_729FvKBWYCIJ2MMSaR9ITrmc-mLelJRkJR9bmdS83YwNQ&dbm_d=AKAmf-DU3MpSDyZ_WsRCMzW24qKzeY0FXujuahu3WH8z4wOyJi0sSK4DCpvEDK8P46eBBqI6bcalJkVCEt9jqcBOYmiJi_gesVznS0g2wKKPWeDljUqKdXk81hkUgibHwOe8UvdhT2GYdcdOQ94HyL2Co5HsaksBdtSAr5gx5ymeFQgtw616yYjV8fdOdjBlnwievoeKXgNXkpRKJs-JsPJeYZQGg1JEQOJgbh5ZLbW-KMtUnkp43Z4aw4ang2AC6ZYiq_W_Y7k6hJio-HPeffraXqnnDh_CbxNoTINxtHwRfdScDCfR-PB32aqG2D9P4d36iduiZ4JpzekGJxQdjrnVPi5TyXi4QyoHkVx9zXp_6Vh-Hgk0q--MzLtF2oUVOjKlPMklAnsoPeRSocRjKxnmYFMn0FvWqUIfcyZzhiH2TI5d45uoAOTiqn13lcEhP_yJpI6x3axeKz1TP37sfyHITWgrgw5bP87EM6AbjODmMZtN-xjBaouf0UD2KJFO4cbBj5mynJcTqmbXVGaN1X6pLUhQruEQyqRsD96Y3BWt3aTtM23FiN8i7f-tiJDZZrzzImX8cIoV8nluty80-6KIAvunPKlfdhXW67Ppcc1rsZ8GuuMADL7legIqQyffHL7Y8WoD5WjaxS3ok42n7FIpEaz3s0uUL9nEnc8gW8iUOD_R1Y_TGC5Q3FvMotSyfu05JDYTeV47artdcedwoeCS-uNteNv-55uzk1_vMDmi0QGDgN2sG8OWT9LzQvpg5QYe53TJL8J4XfAvhHJSdjYwtYSSncupFfRAvK8YJ8U8GdNs-5EJ1Jca-tu83oGblXqpsOm5ofAtPkeJTC7B5nYcbG5W8jkMFMz5nTNLgHXECb8L2Lu7LkWsTewtVtLy3WHMTQ9iNQdm1CnyOlQbraj09IY2x5DJoJd7vweMEHJL4zAEXTWUMtGTw1oi-I9VLrZfWY3sNqq7lgDOrikd_0hq25QzMASXWkW6RHcFIoUVJqRyKOegYY5_ODsb7NakqXDRDV5T9h9cH7XRrf0AUuvQ4R0RPutV43n-yKU-M7N36rtxVH-qQTbmaiEtBGXFwX2kdGBSXrXLvHf3-2zEmmgAzhMN0iWtzKcpl1B8PzduqFqgYhNk4qaQB5y9O3YpY5uNTaevamRgGBus8IQ7H6xb5fwEYNhV37HEbYWc1Ar0HEMZsT2GVxlQh_q9AnDL4zS7SeYjW8kpk_23WzAzdSoKN2Rvrclz0rCsBz7nd2OtUcfMrRbaxYOJs8p6rOmfbDfAyegEw_ptvJRr8dKw5Y_mFPzMNljX67MNif8HzUDm4jp9XyB7zRtyoPpjr_lPKpfYGyLHrwReczs7kpPKHPWNuSAdn0iXXbRpkcPoTwnrgi6DmTbqAFZbHsbecA3v02nFfoYCak4QAHvLWBEJ00xXmVyeHIz69ZBp6n2xskmPN4bp58sQvCG7-y1PeQ_jPKwQJ7QZMOGew-aJzC-2Qgd2pmhJAGr_PCt4dub_eov0-73Wkac4PYDEWFgL_FtLTo_wS4ekCzFyhHD2fJBLLZMuOHdfCpMChLNOzzqNb_IzQ3Y_v0Rz5klsfTZ7s0kMU5qx_zIREVd6zCf18yV0WfWNSJMj4GmWTmbiGwRkD7iikfdsZ0vNy27kVNNhjr3u6-HKYzVKtHVw4_yavsXULRQx9AvdMZYKB7y2oUZ9ksMxAw9I73zdhFu8wXi0vTcpXWf4eunOou11U04OPYOt9sWgyz3e8zzV9cVAuv9aB15g0TnpTBA8J6hiZdKlGcCBrnun966_GciKhSVBgR4y_V_gsQl3QpUEl7qGj4i5jRAObGJkytR2SbM6u2QOd8WclmdnokptLZ_4w2zQnSHkz7PJIUr77HhHNTXvBR2N2jHcHUxCplMlliWpvEXq-O-3-l7cAlvmwAFq7_BhiWSP5ixm_hhWhHDNXO7oxCFi6S_ZSp4DrNEuIcuWPaUS6ipxZQcrMaRl7RBvwhxauBA4p9HVfYlHWHhBDTh9tyW3GFgFrFs9V5YCMrk76gI8uoJZx-Ji2D-J51RBBVNPskP9V_aBHhk08OeNEtDG6cchozHsLaAbwybG6wWiXvl2sHlpYjLrC4c0FNVSxuYn79bjwVPpK6DTWya54Sp_e6DJxbo860sstlHmEaLPe-YEahSTTNS_P6VFr-KBD2hs0u1Gh8JCtcGICR-JshmD6YofQgzcLngDPyS_8M5R9YFUFVhw7zxLsFsD6bhSoBCuJ3QBxfdJWxldS7YDilKX92PvKY2kYC6CxJRYCI_FLhBYDhCVDH_jOqRZ7PkLQO3HKESAJmnjmAQAGSNkV5wbyljrrUmIoalF8ndeXlsSKeZIVzBb1Sz9t7jC4745hOmeBQ3PgW0IFzv2mRqsFEgUPCFk6VntScdgUwubBbyRU7k12BS2yA_r4cGCT2S_gnye3GcWEzuA1YGzajHel02Tm_6mxcVl2nWJ28DaBcOGfwndkoNHJ6fw5fE6Pa7-YNZs2x5XeZ2_UNh8RpGGALnbolIPNBMZf5LMeMIVVIICJWjVv55629WURm0WJp7tfHN6aaOTdsTorarblskOiXjMmEQTMLoQIusoN3drX9zb4ufkOVxlbbxhUVv2NzGoGN2gG65M6GagWyRK5xGShcOZ9sLNPc7Ys5qdBwKcMqs7m_3E6jSRyZTiRuvlEMAPIqaBDNU94loAH53D7xaHh6Mi35vf-3VjpD0kOKTbzAgmHjq-x4P4Ku8y6EEJf3XC2NBPUhfWQ-wik5sSRV-Hsdeo3wg4-MuIBrKEwlXHzWXsZyLCZ_cNTL53Y_XwLnCng2FfOzIcuow7LoHkLDG7onTFjx0zuZxuxvZnCK1iB1kTZ-UMg9n410RO1FJGXH-0RKDYbe2uMAaTMsSYhUvM9peL8F0I0imiL8s0Xd4-mAbtQi6fEp1gPyVka14GDbU7A-uKHrdSBGLi2GRSXV6c9REchfe9uRJ5gwd8-vVLe-ZNEvT2MsFrkJifY1Q1N1Na1-098DA4vvp5xGL7gnh5YqvVDLahTykuhoQ-lta-pj1amtGO7t2vCqPfzJ4_yjzhTaYmM4kR5A2DhpE1-zJyoNt7becwsuEI1AwohqzbCMHnjc_NZQq_dPGIxww0eY9Oagg9mOIvWTKROpR8hQDx3w&cid=CAASFeRo7bHJ50_SWukUDRtg3N9pJueHQA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.120.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b0b0a0b198ad4287d4774179f3d7b2630fb9ad0b90a18e806aa077ae91b6ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5346 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyQreOaazYJ-mEoqV3wPnz4DQDdOuu_ViipGc7o0OrL-i0OQCEAEgjeS9KWCV-vCBjAegAZux9pMCyAEFqQLa2qfgfHS0PqgDAcgDmwSqBMABT9Bs3bIgv0Ki9KPkA0UJaAhsEpPM3D9S5Hay55J6PSLR9SEZuKuPkN7g6VIra11zCjkA2V81iBudiQo4TukARxBPUoBu8_aOmua4wz8xRkMbOFGG9q-pqOCMMJR_WeLtFdUShxCVzMg67eg1rIw1kHt73pX6vZgdw5pNUbm_W-GgXjODOlaAwjDpJRyY_RVSpEXmXW8cSctrku8ffflPN_qoMd6NzrvLuSz5e8qW9uBI5-ClWDLhf3g8EdftZBGrwASL6aLFrAPgBAOIBfGoiJ4skgUGCAMQARgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfNzonsAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcKEPHDUBi6w9qpAdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc5MzkyMTQzNTU1NDkxOYAKA8gLAbAT6OnSC8gToMeeCdATANgTDYgUAtgUAdAVAYAXAbIXGgoYCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2&sigh=VuxwD7gKNUM&cid=CAQSPgCNIrLMxRLCG8tP1Wy_O-kwxlOs9J5fzFjpFxPJFWSZl3Jyu7XpYEGraqDYzO1SJMbWX3dEHHxUePIPxbOU&vt=10
Requested by
Host: 238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
URL: https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 5346 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b1375d434dd10a9c303a4fadfebdefafc9567e1b2200716300c908b3105c879

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 49C9 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0nhbupPZF4QbHsYREOnAgjQqNpx52dVOR3VGg1Qc8g92cHyK6xYj9eFdSJOO7OLFOebwyKw6-ybMORFKCstBuRB-jyN_AfMpQecwvsncSHQUYImEXXufbicBJoZO1FyDg2R5hWCaiEPkaASoicUqnXb8_fw&dbm_d=AKAmf-AiF8ziJHckczzkaiN2-4L7YpbnQtWUNYIw9zVgNnwMsmED9zWUFAvVLQu9DItiXMnveZ0mxaZVkm3ZBiFQuLQEtgg32hd7Qq4L_f-0uPjGf6AXf31Pvn-Ukc7RjRsXUUL7G8_cSEeUb0EFGK-2uBHD4JjrG9YH1d47HR6avQz4uJFtxnW8VU4Hmq8JUgKTtdOQSEz1wRzX_6743u2Q968WHq_Ddw7t3pesbTzumlRBt3sV7sJF77OA7vCa5qTI2yL6VGgX_7Y3YHx1wolFgl6eKISxMj9yhV3880ZwziveAZjL0n2ZjqfPI0-oS2mav4OEPJatjFjCEhCdQIpTpLygaLK1rNSkPwFlvHetBIvZlYW3weVkbl0vFDL3bgxo2pFKegc1vvY1VpbCjETNjIwgIMS5wo-M6jWQJ-YthDfYKNsixvA2wsBjX35wmdJHgUD0xN0mcHxKMq9fAw4mmHfqq4jMg6ku1Dli8BW35zsF1nyBEUBd-7f7dFX1nFhg9-vwC9pT6CDvwfxpNMpKlDOhez2qtBuFawz1Pdpy1KMcTTCwEMXUuEZVfq_qefY7ZL-qoYfJRHk7WfnCAmnqwXiygYH0ygGNkPL0qx6TVFCpW4KeWR46e8QkUGbJykXi_dxSf5OSgycd6_GhLKWVfvtZb6g6YftCl8pMSr2ILvq4q1CRjnM8mphL7QGViIEush3X2tuX38dp8aWLKbyAnInut4zqSrnwC-HFkZH4vVf7tCUb81sz1u32Hf6xtb-fQejwHB6W_uJkbe5FYo9dYg9K9qGNPz7xXuuIlxkxv0xpamjIYcdEHM6kBRRplNV7rzLURizs53zO899O2oFM9Fz0kXFFrZTQj6U7um7AVYywDEXDY4dbwWpHh5ZFX_TGhzUMvz6G0623AqqpNig4hjLR5zvGMO0cGEjyM5yb-7HXCYabVky7JrfgV4YHO7ZzaFx-LL6MzJec__ZGNd5asxMDplrxZldDTSgChVDGjdVQ2Ryck0pcPrIqG4svGa2FV8eWS5BRXiFw_V4ImDaXS3kJVG9MpcvebzkpMimKw5PFOEY8I7tFWjLb47eP1yJx3OeFFGmz8Sq5HBhGW7xbEkSd2OYtWczlPYTOWVj8dDnYUp8JIpsk7sIXufKCCcZL6B1owGg1vwS-I6UHiGT6aGkL7OzFAmrSmvqTt3Ofk5evJIj3cm6pQ4k_YITZ7Bcuiz4XEZNmK-h4RGUpt12L7KcZFGt8qb1PzdaN49RKHTDA97W6ZztsguKKG4KAvKQYci9DAeuXvzhsikknigNGYwiiz34xkupa-lksnhO1OsYx1PTVtZuQsYfXjsLVQCv66I2E2rxv9-EzsfQ-03syErI_Lrv75oKh8abKN3JnIK9jWkCichjGaXylaj-Hzds51c5bTK_ew3fyDoH7M7lR8GF1kvPTWY83nsoLZQRp1bPvmPhDTLmvCE8d1SDW9O9H6Z1AzgUDojR_3s9GljSnsIBJGYvq0aG7buw5za1iAVkrQoazo3o8_8sM70kqIhEy_3IfKz6CDXNZEXEBk0V45H57pSgUiokSCdV3L14Jze8uwJTf4vfbsHjKTSeh5DstkhjWkqLoYc994yFHFR6T2pE6nVLrfUL0XBnataHvDpCsFXDp4ZEU9TjqtsK2ULkuqYl0ylwujer4OMI02q5dV6MUqpWKEbiZIad3Y41i5pzVhs_gastPk1hziULIEvW5zRzK38gXprSzZcPsO0XBDbM5SsxsmNZZGmRVOaIcg7VSrF_5KSxKgP6Nlzofb1UXsvSZvJQI61U_vF9FFaSfBtmftr_ZYBnuaFMlvNzl9Wt5kD6kMUhr5B4Ri9WWz4__EmD9h7n4Wcwx7IVgSXu7_0HfcEykd_zAyMm2BsX-zV9PrZMgUuKwte5bdWQq7IA_J5YFgU8vtCcODqTYHkkx4DZW4J8AIYpKoIFiVYAPzXd9naAgkezqvBIK5YomCNms70IGCeIHPHO0zcqshgY0r6l1Hps_KfBf5n4onVYXl560AYATtgM30E1ERuv831qZYSGtRW7Jku8wACuDAt-Dw-bi0iJiyO84b57NxRiH62l5lnLBa1SKQFIozsW8WyBIgF3Ro6zmckFE8I-f970obdZ-UauB-oB-FwZx2eJfbCdwHShKtaklt0ev_XRBW7qI-O2Ka5ltWb_jWm7X_X0OYuFxc8dI3h3qty4pV3qbgmXjd9_DhkePf30QIbJD27AEgEuldeJM38xtAJV1a3STqc0x8Y1DIMjW4zYIPweQuVbRyIVRqzpyRQ5N599rsHr98sW6N6eCYP5gmD0J1IEw4WitG5n-OkhNsk2yccJeS1T26bsR4CnhMSm18wxPhMgbZKlX9RdXYwismlUBKzyM9Y3Mmy-cvjs5CEjWSDAOaXOlgfON6iCUNr9ti8ixcgx__43BnN5y_zIIGT7bZhxNaDxUW89YClKcxvGVDHjYRE00Yd6D0xpYVSlX-06u06KlXWIVG8gJMYcdo-Fh9TnN9PaILIsr-IHfoKfohp7AuWpDB8k1Y6vuBiDYuWt6mvo8wfdt52domGyyCSJiQ8RlV6O9gw2MN2mWG8Ic632Ep5zr5-7fRXMFqAptqLQ8lpBnRj2nwb6FZAy6UwT-FsTGpr_JqNDhajkF5cWhJUkL7NtyWFcjdfa6y1cSF12ZDhn8Z0tSQT5Zeaui-TyFsvWvj8zD7jbEE_3bHcVXE8rLcN2NhxJJfn6vlskVc0AEP0e4pEsLjkw-rqPVA4gz8wIaYvJej0TvBPdKT9-MKsfk5j5V9nGxdNOsE7fUdRaykTZvw0Lzv8LnZoviEJvw9iUv-6mhJA1Eh1w0_YBjrA48TSDY8bOwIlgnvXEeSPqgM-aCiFMtkuTXWBAjW_LTXxBbKbQZTUQxy58V20bKXKOoIDTfY1XsohYvtKrTWG8r6Pd7Ogyr47-UCfJGh3bC-a-K-RvJrh1khMpr3itS0kO5MkoMMrDDGEt4yDiSdlZg0Le_TPjd4gZtQqaTyNN43XjeOmgRkCz4_Q&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&rfl=3%2Chttps%253A%252F%252Fsharemods.com%242%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8609
x-xss-protection
0
server
cafe
etag
7365582700020686358
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:49:23 GMT
deuskDE-EU-WoW-Classic-BurningCruisade-Announcement-DateannPortaldate-Prepareyourself-STD-728x90-0.jpg
s0.2mdn.net/10176009/ Frame 49C9 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176009/deuskDE-EU-WoW-Classic-BurningCruisade-Announcement-DateannPortaldate-Prepareyourself-STD-728x90-0.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0nhbupPZF4QbHsYREOnAgjQqNpx52dVOR3VGg1Qc8g92cHyK6xYj9eFdSJOO7OLFOebwyKw6-ybMORFKCstBuRB-jyN_AfMpQecwvsncSHQUYImEXXufbicBJoZO1FyDg2R5hWCaiEPkaASoicUqnXb8_fw&dbm_d=AKAmf-AiF8ziJHckczzkaiN2-4L7YpbnQtWUNYIw9zVgNnwMsmED9zWUFAvVLQu9DItiXMnveZ0mxaZVkm3ZBiFQuLQEtgg32hd7Qq4L_f-0uPjGf6AXf31Pvn-Ukc7RjRsXUUL7G8_cSEeUb0EFGK-2uBHD4JjrG9YH1d47HR6avQz4uJFtxnW8VU4Hmq8JUgKTtdOQSEz1wRzX_6743u2Q968WHq_Ddw7t3pesbTzumlRBt3sV7sJF77OA7vCa5qTI2yL6VGgX_7Y3YHx1wolFgl6eKISxMj9yhV3880ZwziveAZjL0n2ZjqfPI0-oS2mav4OEPJatjFjCEhCdQIpTpLygaLK1rNSkPwFlvHetBIvZlYW3weVkbl0vFDL3bgxo2pFKegc1vvY1VpbCjETNjIwgIMS5wo-M6jWQJ-YthDfYKNsixvA2wsBjX35wmdJHgUD0xN0mcHxKMq9fAw4mmHfqq4jMg6ku1Dli8BW35zsF1nyBEUBd-7f7dFX1nFhg9-vwC9pT6CDvwfxpNMpKlDOhez2qtBuFawz1Pdpy1KMcTTCwEMXUuEZVfq_qefY7ZL-qoYfJRHk7WfnCAmnqwXiygYH0ygGNkPL0qx6TVFCpW4KeWR46e8QkUGbJykXi_dxSf5OSgycd6_GhLKWVfvtZb6g6YftCl8pMSr2ILvq4q1CRjnM8mphL7QGViIEush3X2tuX38dp8aWLKbyAnInut4zqSrnwC-HFkZH4vVf7tCUb81sz1u32Hf6xtb-fQejwHB6W_uJkbe5FYo9dYg9K9qGNPz7xXuuIlxkxv0xpamjIYcdEHM6kBRRplNV7rzLURizs53zO899O2oFM9Fz0kXFFrZTQj6U7um7AVYywDEXDY4dbwWpHh5ZFX_TGhzUMvz6G0623AqqpNig4hjLR5zvGMO0cGEjyM5yb-7HXCYabVky7JrfgV4YHO7ZzaFx-LL6MzJec__ZGNd5asxMDplrxZldDTSgChVDGjdVQ2Ryck0pcPrIqG4svGa2FV8eWS5BRXiFw_V4ImDaXS3kJVG9MpcvebzkpMimKw5PFOEY8I7tFWjLb47eP1yJx3OeFFGmz8Sq5HBhGW7xbEkSd2OYtWczlPYTOWVj8dDnYUp8JIpsk7sIXufKCCcZL6B1owGg1vwS-I6UHiGT6aGkL7OzFAmrSmvqTt3Ofk5evJIj3cm6pQ4k_YITZ7Bcuiz4XEZNmK-h4RGUpt12L7KcZFGt8qb1PzdaN49RKHTDA97W6ZztsguKKG4KAvKQYci9DAeuXvzhsikknigNGYwiiz34xkupa-lksnhO1OsYx1PTVtZuQsYfXjsLVQCv66I2E2rxv9-EzsfQ-03syErI_Lrv75oKh8abKN3JnIK9jWkCichjGaXylaj-Hzds51c5bTK_ew3fyDoH7M7lR8GF1kvPTWY83nsoLZQRp1bPvmPhDTLmvCE8d1SDW9O9H6Z1AzgUDojR_3s9GljSnsIBJGYvq0aG7buw5za1iAVkrQoazo3o8_8sM70kqIhEy_3IfKz6CDXNZEXEBk0V45H57pSgUiokSCdV3L14Jze8uwJTf4vfbsHjKTSeh5DstkhjWkqLoYc994yFHFR6T2pE6nVLrfUL0XBnataHvDpCsFXDp4ZEU9TjqtsK2ULkuqYl0ylwujer4OMI02q5dV6MUqpWKEbiZIad3Y41i5pzVhs_gastPk1hziULIEvW5zRzK38gXprSzZcPsO0XBDbM5SsxsmNZZGmRVOaIcg7VSrF_5KSxKgP6Nlzofb1UXsvSZvJQI61U_vF9FFaSfBtmftr_ZYBnuaFMlvNzl9Wt5kD6kMUhr5B4Ri9WWz4__EmD9h7n4Wcwx7IVgSXu7_0HfcEykd_zAyMm2BsX-zV9PrZMgUuKwte5bdWQq7IA_J5YFgU8vtCcODqTYHkkx4DZW4J8AIYpKoIFiVYAPzXd9naAgkezqvBIK5YomCNms70IGCeIHPHO0zcqshgY0r6l1Hps_KfBf5n4onVYXl560AYATtgM30E1ERuv831qZYSGtRW7Jku8wACuDAt-Dw-bi0iJiyO84b57NxRiH62l5lnLBa1SKQFIozsW8WyBIgF3Ro6zmckFE8I-f970obdZ-UauB-oB-FwZx2eJfbCdwHShKtaklt0ev_XRBW7qI-O2Ka5ltWb_jWm7X_X0OYuFxc8dI3h3qty4pV3qbgmXjd9_DhkePf30QIbJD27AEgEuldeJM38xtAJV1a3STqc0x8Y1DIMjW4zYIPweQuVbRyIVRqzpyRQ5N599rsHr98sW6N6eCYP5gmD0J1IEw4WitG5n-OkhNsk2yccJeS1T26bsR4CnhMSm18wxPhMgbZKlX9RdXYwismlUBKzyM9Y3Mmy-cvjs5CEjWSDAOaXOlgfON6iCUNr9ti8ixcgx__43BnN5y_zIIGT7bZhxNaDxUW89YClKcxvGVDHjYRE00Yd6D0xpYVSlX-06u06KlXWIVG8gJMYcdo-Fh9TnN9PaILIsr-IHfoKfohp7AuWpDB8k1Y6vuBiDYuWt6mvo8wfdt52domGyyCSJiQ8RlV6O9gw2MN2mWG8Ic632Ep5zr5-7fRXMFqAptqLQ8lpBnRj2nwb6FZAy6UwT-FsTGpr_JqNDhajkF5cWhJUkL7NtyWFcjdfa6y1cSF12ZDhn8Z0tSQT5Zeaui-TyFsvWvj8zD7jbEE_3bHcVXE8rLcN2NhxJJfn6vlskVc0AEP0e4pEsLjkw-rqPVA4gz8wIaYvJej0TvBPdKT9-MKsfk5j5V9nGxdNOsE7fUdRaykTZvw0Lzv8LnZoviEJvw9iUv-6mhJA1Eh1w0_YBjrA48TSDY8bOwIlgnvXEeSPqgM-aCiFMtkuTXWBAjW_LTXxBbKbQZTUQxy58V20bKXKOoIDTfY1XsohYvtKrTWG8r6Pd7Ogyr47-UCfJGh3bC-a-K-RvJrh1khMpr3itS0kO5MkoMMrDDGEt4yDiSdlZg0Le_TPjd4gZtQqaTyNN43XjeOmgRkCz4_Q&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&rfl=3%2Chttps%253A%252F%252Fsharemods.com%242%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f148e389c9eab875e3b76f13f4fd944b3e6a3c243e59215dfde25b766d86ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 11:32:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 May 2021 12:19:51 GMT
server
sffe
age
11871
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34672
x-xss-protection
0
expires
Mon, 31 May 2021 11:32:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame 49C9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0nhbupPZF4QbHsYREOnAgjQqNpx52dVOR3VGg1Qc8g92cHyK6xYj9eFdSJOO7OLFOebwyKw6-ybMORFKCstBuRB-jyN_AfMpQecwvsncSHQUYImEXXufbicBJoZO1FyDg2R5hWCaiEPkaASoicUqnXb8_fw&dbm_d=AKAmf-AiF8ziJHckczzkaiN2-4L7YpbnQtWUNYIw9zVgNnwMsmED9zWUFAvVLQu9DItiXMnveZ0mxaZVkm3ZBiFQuLQEtgg32hd7Qq4L_f-0uPjGf6AXf31Pvn-Ukc7RjRsXUUL7G8_cSEeUb0EFGK-2uBHD4JjrG9YH1d47HR6avQz4uJFtxnW8VU4Hmq8JUgKTtdOQSEz1wRzX_6743u2Q968WHq_Ddw7t3pesbTzumlRBt3sV7sJF77OA7vCa5qTI2yL6VGgX_7Y3YHx1wolFgl6eKISxMj9yhV3880ZwziveAZjL0n2ZjqfPI0-oS2mav4OEPJatjFjCEhCdQIpTpLygaLK1rNSkPwFlvHetBIvZlYW3weVkbl0vFDL3bgxo2pFKegc1vvY1VpbCjETNjIwgIMS5wo-M6jWQJ-YthDfYKNsixvA2wsBjX35wmdJHgUD0xN0mcHxKMq9fAw4mmHfqq4jMg6ku1Dli8BW35zsF1nyBEUBd-7f7dFX1nFhg9-vwC9pT6CDvwfxpNMpKlDOhez2qtBuFawz1Pdpy1KMcTTCwEMXUuEZVfq_qefY7ZL-qoYfJRHk7WfnCAmnqwXiygYH0ygGNkPL0qx6TVFCpW4KeWR46e8QkUGbJykXi_dxSf5OSgycd6_GhLKWVfvtZb6g6YftCl8pMSr2ILvq4q1CRjnM8mphL7QGViIEush3X2tuX38dp8aWLKbyAnInut4zqSrnwC-HFkZH4vVf7tCUb81sz1u32Hf6xtb-fQejwHB6W_uJkbe5FYo9dYg9K9qGNPz7xXuuIlxkxv0xpamjIYcdEHM6kBRRplNV7rzLURizs53zO899O2oFM9Fz0kXFFrZTQj6U7um7AVYywDEXDY4dbwWpHh5ZFX_TGhzUMvz6G0623AqqpNig4hjLR5zvGMO0cGEjyM5yb-7HXCYabVky7JrfgV4YHO7ZzaFx-LL6MzJec__ZGNd5asxMDplrxZldDTSgChVDGjdVQ2Ryck0pcPrIqG4svGa2FV8eWS5BRXiFw_V4ImDaXS3kJVG9MpcvebzkpMimKw5PFOEY8I7tFWjLb47eP1yJx3OeFFGmz8Sq5HBhGW7xbEkSd2OYtWczlPYTOWVj8dDnYUp8JIpsk7sIXufKCCcZL6B1owGg1vwS-I6UHiGT6aGkL7OzFAmrSmvqTt3Ofk5evJIj3cm6pQ4k_YITZ7Bcuiz4XEZNmK-h4RGUpt12L7KcZFGt8qb1PzdaN49RKHTDA97W6ZztsguKKG4KAvKQYci9DAeuXvzhsikknigNGYwiiz34xkupa-lksnhO1OsYx1PTVtZuQsYfXjsLVQCv66I2E2rxv9-EzsfQ-03syErI_Lrv75oKh8abKN3JnIK9jWkCichjGaXylaj-Hzds51c5bTK_ew3fyDoH7M7lR8GF1kvPTWY83nsoLZQRp1bPvmPhDTLmvCE8d1SDW9O9H6Z1AzgUDojR_3s9GljSnsIBJGYvq0aG7buw5za1iAVkrQoazo3o8_8sM70kqIhEy_3IfKz6CDXNZEXEBk0V45H57pSgUiokSCdV3L14Jze8uwJTf4vfbsHjKTSeh5DstkhjWkqLoYc994yFHFR6T2pE6nVLrfUL0XBnataHvDpCsFXDp4ZEU9TjqtsK2ULkuqYl0ylwujer4OMI02q5dV6MUqpWKEbiZIad3Y41i5pzVhs_gastPk1hziULIEvW5zRzK38gXprSzZcPsO0XBDbM5SsxsmNZZGmRVOaIcg7VSrF_5KSxKgP6Nlzofb1UXsvSZvJQI61U_vF9FFaSfBtmftr_ZYBnuaFMlvNzl9Wt5kD6kMUhr5B4Ri9WWz4__EmD9h7n4Wcwx7IVgSXu7_0HfcEykd_zAyMm2BsX-zV9PrZMgUuKwte5bdWQq7IA_J5YFgU8vtCcODqTYHkkx4DZW4J8AIYpKoIFiVYAPzXd9naAgkezqvBIK5YomCNms70IGCeIHPHO0zcqshgY0r6l1Hps_KfBf5n4onVYXl560AYATtgM30E1ERuv831qZYSGtRW7Jku8wACuDAt-Dw-bi0iJiyO84b57NxRiH62l5lnLBa1SKQFIozsW8WyBIgF3Ro6zmckFE8I-f970obdZ-UauB-oB-FwZx2eJfbCdwHShKtaklt0ev_XRBW7qI-O2Ka5ltWb_jWm7X_X0OYuFxc8dI3h3qty4pV3qbgmXjd9_DhkePf30QIbJD27AEgEuldeJM38xtAJV1a3STqc0x8Y1DIMjW4zYIPweQuVbRyIVRqzpyRQ5N599rsHr98sW6N6eCYP5gmD0J1IEw4WitG5n-OkhNsk2yccJeS1T26bsR4CnhMSm18wxPhMgbZKlX9RdXYwismlUBKzyM9Y3Mmy-cvjs5CEjWSDAOaXOlgfON6iCUNr9ti8ixcgx__43BnN5y_zIIGT7bZhxNaDxUW89YClKcxvGVDHjYRE00Yd6D0xpYVSlX-06u06KlXWIVG8gJMYcdo-Fh9TnN9PaILIsr-IHfoKfohp7AuWpDB8k1Y6vuBiDYuWt6mvo8wfdt52domGyyCSJiQ8RlV6O9gw2MN2mWG8Ic632Ep5zr5-7fRXMFqAptqLQ8lpBnRj2nwb6FZAy6UwT-FsTGpr_JqNDhajkF5cWhJUkL7NtyWFcjdfa6y1cSF12ZDhn8Z0tSQT5Zeaui-TyFsvWvj8zD7jbEE_3bHcVXE8rLcN2NhxJJfn6vlskVc0AEP0e4pEsLjkw-rqPVA4gz8wIaYvJej0TvBPdKT9-MKsfk5j5V9nGxdNOsE7fUdRaykTZvw0Lzv8LnZoviEJvw9iUv-6mhJA1Eh1w0_YBjrA48TSDY8bOwIlgnvXEeSPqgM-aCiFMtkuTXWBAjW_LTXxBbKbQZTUQxy58V20bKXKOoIDTfY1XsohYvtKrTWG8r6Pd7Ogyr47-UCfJGh3bC-a-K-RvJrh1khMpr3itS0kO5MkoMMrDDGEt4yDiSdlZg0Le_TPjd4gZtQqaTyNN43XjeOmgRkCz4_Q&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&rfl=3%2Chttps%253A%252F%252Fsharemods.com%242%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:49:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 49C9 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmHrwv1eSNSeEauyUoFNrie2YtSUMnNAKIBqZV6Q4qFjzxlDde1J6T_hwNX0JXtOa7ouzPrVb5NZIiQw4BukB2tIBJlmYXw1sYLBFhoVEYcmm9_eIf7ZUX_zyYp2QpIepnWUJpciGKOJp8UVycbqclhAt7VsOOwuEcOArh4QSL97BhzS3TgLVhyRF6lB7XSVzeccA-mzleCx4UdDzlkIizInEooI2s470G_PmqHqrq_SKVFSiIG0XM0QYpDNJlIeP1P2x9_sIpWGpi2I2DeB1MGmfCBZx07bNVKkR76tXnZCXu_rUEenODvIDC7pXbP_wpe5sUPf7LxTgVncRSkKmFjOu_Ke0LjNx8JefaunKnfg3_ElZc54e9r4giRO8gSxGgEJ_c-7R1wbgzMfbk5EWY2djNeCTw8uk-xfgml_Ll7AZ5-oaN4m8QSsNLNK_i2OWZr2jRO1Sp6oqFdbqHppkHWzLXM4AqMWFPNgEldVhD1LhyQ8B7dgNyqZEwVsqDO9KkZLExAFVv8fcmCWv8DxTAKvubRpI6ybN-i7DiHjHCqBSiGf-jjCa8xkAM8OBP8fzJvH_naOE29BpGXT6LI5CIb6070veqNSqcejMMnAjC77qCn8t3GDwQVnH_TrkVdxiHofBqYA49ZMFZqJ_HHZ-dn7b6CG3Nz_r6i7by-v4Wc5l-ogFBa7-0fWJe-Dq_dJ39ZYwj2EIDLKxBPhQeK7J3pJVR-plGeCuxzZcp2IPKHi5EwkDBZEwUuSbu-fZUb_cIb9jUtJ13x0RjWzINIn0IaYzkhipg6cKbkm1Z92rFr_INnMQQ1ZptHLMzAakyO-yb9SycSUSQaPT0sd_oOVbU0Nk4Pg83pOm31W7qaaApes1ZckDOHmyxtmcOAT1GjuOw-VH2Cv--LrCaKQXkEspenzwirQRSWwZCcY6uPBSOdsH-rYCFCHOfzxqjKEeH5nMmkgdHvFu09tCwFL9g3UT7owIaRc7u-vG0-8FwdZQJz6swGRL7N8aeIievzakL835aZReeBFqMibmVT0aus3wXLcVRWLN5DmRLPMzWaG50nrREycqi_2dggX8px-pDh5Z8KoS9Cn1PpGK2cL1L3mXgdFpghtAUnXFXr6CqrSaLnCzmkGOvINT9S6ngm8G-J5rygGHLpePNYGzVMwXLCYX9CZ_MromrQ8_JWopc14vR0pUTfEXyv0QSHGBlVHE&sai=AMfl-YSwm9e1LEEZzlgjkn9DfQZSeHKvJV5jj9N0Cp6vxlexrvH6JOO1iTC_f_A7W01ipvhCxnfkq3QXuw4iSJID0Yiv2BcMxrbX4vvF8B4Mo2h9rr-k8jdFi5OSp0k8lDlwcitAtn_eF5DBz0I0YPmwvUcXy9syIyBdxd7Px2hFKy-0ThXAvdyCvqnsmfamu0eBq4Z7_TkG3SFKbSNAGEa4_uPmMmLGhBCyxBqVEbjtkg&sig=Cg0ArKJSzBtwj1_Fy5y_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20210524.32453&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0nhbupPZF4QbHsYREOnAgjQqNpx52dVOR3VGg1Qc8g92cHyK6xYj9eFdSJOO7OLFOebwyKw6-ybMORFKCstBuRB-jyN_AfMpQecwvsncSHQUYImEXXufbicBJoZO1FyDg2R5hWCaiEPkaASoicUqnXb8_fw&dbm_d=AKAmf-AiF8ziJHckczzkaiN2-4L7YpbnQtWUNYIw9zVgNnwMsmED9zWUFAvVLQu9DItiXMnveZ0mxaZVkm3ZBiFQuLQEtgg32hd7Qq4L_f-0uPjGf6AXf31Pvn-Ukc7RjRsXUUL7G8_cSEeUb0EFGK-2uBHD4JjrG9YH1d47HR6avQz4uJFtxnW8VU4Hmq8JUgKTtdOQSEz1wRzX_6743u2Q968WHq_Ddw7t3pesbTzumlRBt3sV7sJF77OA7vCa5qTI2yL6VGgX_7Y3YHx1wolFgl6eKISxMj9yhV3880ZwziveAZjL0n2ZjqfPI0-oS2mav4OEPJatjFjCEhCdQIpTpLygaLK1rNSkPwFlvHetBIvZlYW3weVkbl0vFDL3bgxo2pFKegc1vvY1VpbCjETNjIwgIMS5wo-M6jWQJ-YthDfYKNsixvA2wsBjX35wmdJHgUD0xN0mcHxKMq9fAw4mmHfqq4jMg6ku1Dli8BW35zsF1nyBEUBd-7f7dFX1nFhg9-vwC9pT6CDvwfxpNMpKlDOhez2qtBuFawz1Pdpy1KMcTTCwEMXUuEZVfq_qefY7ZL-qoYfJRHk7WfnCAmnqwXiygYH0ygGNkPL0qx6TVFCpW4KeWR46e8QkUGbJykXi_dxSf5OSgycd6_GhLKWVfvtZb6g6YftCl8pMSr2ILvq4q1CRjnM8mphL7QGViIEush3X2tuX38dp8aWLKbyAnInut4zqSrnwC-HFkZH4vVf7tCUb81sz1u32Hf6xtb-fQejwHB6W_uJkbe5FYo9dYg9K9qGNPz7xXuuIlxkxv0xpamjIYcdEHM6kBRRplNV7rzLURizs53zO899O2oFM9Fz0kXFFrZTQj6U7um7AVYywDEXDY4dbwWpHh5ZFX_TGhzUMvz6G0623AqqpNig4hjLR5zvGMO0cGEjyM5yb-7HXCYabVky7JrfgV4YHO7ZzaFx-LL6MzJec__ZGNd5asxMDplrxZldDTSgChVDGjdVQ2Ryck0pcPrIqG4svGa2FV8eWS5BRXiFw_V4ImDaXS3kJVG9MpcvebzkpMimKw5PFOEY8I7tFWjLb47eP1yJx3OeFFGmz8Sq5HBhGW7xbEkSd2OYtWczlPYTOWVj8dDnYUp8JIpsk7sIXufKCCcZL6B1owGg1vwS-I6UHiGT6aGkL7OzFAmrSmvqTt3Ofk5evJIj3cm6pQ4k_YITZ7Bcuiz4XEZNmK-h4RGUpt12L7KcZFGt8qb1PzdaN49RKHTDA97W6ZztsguKKG4KAvKQYci9DAeuXvzhsikknigNGYwiiz34xkupa-lksnhO1OsYx1PTVtZuQsYfXjsLVQCv66I2E2rxv9-EzsfQ-03syErI_Lrv75oKh8abKN3JnIK9jWkCichjGaXylaj-Hzds51c5bTK_ew3fyDoH7M7lR8GF1kvPTWY83nsoLZQRp1bPvmPhDTLmvCE8d1SDW9O9H6Z1AzgUDojR_3s9GljSnsIBJGYvq0aG7buw5za1iAVkrQoazo3o8_8sM70kqIhEy_3IfKz6CDXNZEXEBk0V45H57pSgUiokSCdV3L14Jze8uwJTf4vfbsHjKTSeh5DstkhjWkqLoYc994yFHFR6T2pE6nVLrfUL0XBnataHvDpCsFXDp4ZEU9TjqtsK2ULkuqYl0ylwujer4OMI02q5dV6MUqpWKEbiZIad3Y41i5pzVhs_gastPk1hziULIEvW5zRzK38gXprSzZcPsO0XBDbM5SsxsmNZZGmRVOaIcg7VSrF_5KSxKgP6Nlzofb1UXsvSZvJQI61U_vF9FFaSfBtmftr_ZYBnuaFMlvNzl9Wt5kD6kMUhr5B4Ri9WWz4__EmD9h7n4Wcwx7IVgSXu7_0HfcEykd_zAyMm2BsX-zV9PrZMgUuKwte5bdWQq7IA_J5YFgU8vtCcODqTYHkkx4DZW4J8AIYpKoIFiVYAPzXd9naAgkezqvBIK5YomCNms70IGCeIHPHO0zcqshgY0r6l1Hps_KfBf5n4onVYXl560AYATtgM30E1ERuv831qZYSGtRW7Jku8wACuDAt-Dw-bi0iJiyO84b57NxRiH62l5lnLBa1SKQFIozsW8WyBIgF3Ro6zmckFE8I-f970obdZ-UauB-oB-FwZx2eJfbCdwHShKtaklt0ev_XRBW7qI-O2Ka5ltWb_jWm7X_X0OYuFxc8dI3h3qty4pV3qbgmXjd9_DhkePf30QIbJD27AEgEuldeJM38xtAJV1a3STqc0x8Y1DIMjW4zYIPweQuVbRyIVRqzpyRQ5N599rsHr98sW6N6eCYP5gmD0J1IEw4WitG5n-OkhNsk2yccJeS1T26bsR4CnhMSm18wxPhMgbZKlX9RdXYwismlUBKzyM9Y3Mmy-cvjs5CEjWSDAOaXOlgfON6iCUNr9ti8ixcgx__43BnN5y_zIIGT7bZhxNaDxUW89YClKcxvGVDHjYRE00Yd6D0xpYVSlX-06u06KlXWIVG8gJMYcdo-Fh9TnN9PaILIsr-IHfoKfohp7AuWpDB8k1Y6vuBiDYuWt6mvo8wfdt52domGyyCSJiQ8RlV6O9gw2MN2mWG8Ic632Ep5zr5-7fRXMFqAptqLQ8lpBnRj2nwb6FZAy6UwT-FsTGpr_JqNDhajkF5cWhJUkL7NtyWFcjdfa6y1cSF12ZDhn8Z0tSQT5Zeaui-TyFsvWvj8zD7jbEE_3bHcVXE8rLcN2NhxJJfn6vlskVc0AEP0e4pEsLjkw-rqPVA4gz8wIaYvJej0TvBPdKT9-MKsfk5j5V9nGxdNOsE7fUdRaykTZvw0Lzv8LnZoviEJvw9iUv-6mhJA1Eh1w0_YBjrA48TSDY8bOwIlgnvXEeSPqgM-aCiFMtkuTXWBAjW_LTXxBbKbQZTUQxy58V20bKXKOoIDTfY1XsohYvtKrTWG8r6Pd7Ogyr47-UCfJGh3bC-a-K-RvJrh1khMpr3itS0kO5MkoMMrDDGEt4yDiSdlZg0Le_TPjd4gZtQqaTyNN43XjeOmgRkCz4_Q&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&rfl=3%2Chttps%253A%252F%252Fsharemods.com%242%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 30 May 2021 14:50:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 49C9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0nhbupPZF4QbHsYREOnAgjQqNpx52dVOR3VGg1Qc8g92cHyK6xYj9eFdSJOO7OLFOebwyKw6-ybMORFKCstBuRB-jyN_AfMpQecwvsncSHQUYImEXXufbicBJoZO1FyDg2R5hWCaiEPkaASoicUqnXb8_fw&dbm_d=AKAmf-AiF8ziJHckczzkaiN2-4L7YpbnQtWUNYIw9zVgNnwMsmED9zWUFAvVLQu9DItiXMnveZ0mxaZVkm3ZBiFQuLQEtgg32hd7Qq4L_f-0uPjGf6AXf31Pvn-Ukc7RjRsXUUL7G8_cSEeUb0EFGK-2uBHD4JjrG9YH1d47HR6avQz4uJFtxnW8VU4Hmq8JUgKTtdOQSEz1wRzX_6743u2Q968WHq_Ddw7t3pesbTzumlRBt3sV7sJF77OA7vCa5qTI2yL6VGgX_7Y3YHx1wolFgl6eKISxMj9yhV3880ZwziveAZjL0n2ZjqfPI0-oS2mav4OEPJatjFjCEhCdQIpTpLygaLK1rNSkPwFlvHetBIvZlYW3weVkbl0vFDL3bgxo2pFKegc1vvY1VpbCjETNjIwgIMS5wo-M6jWQJ-YthDfYKNsixvA2wsBjX35wmdJHgUD0xN0mcHxKMq9fAw4mmHfqq4jMg6ku1Dli8BW35zsF1nyBEUBd-7f7dFX1nFhg9-vwC9pT6CDvwfxpNMpKlDOhez2qtBuFawz1Pdpy1KMcTTCwEMXUuEZVfq_qefY7ZL-qoYfJRHk7WfnCAmnqwXiygYH0ygGNkPL0qx6TVFCpW4KeWR46e8QkUGbJykXi_dxSf5OSgycd6_GhLKWVfvtZb6g6YftCl8pMSr2ILvq4q1CRjnM8mphL7QGViIEush3X2tuX38dp8aWLKbyAnInut4zqSrnwC-HFkZH4vVf7tCUb81sz1u32Hf6xtb-fQejwHB6W_uJkbe5FYo9dYg9K9qGNPz7xXuuIlxkxv0xpamjIYcdEHM6kBRRplNV7rzLURizs53zO899O2oFM9Fz0kXFFrZTQj6U7um7AVYywDEXDY4dbwWpHh5ZFX_TGhzUMvz6G0623AqqpNig4hjLR5zvGMO0cGEjyM5yb-7HXCYabVky7JrfgV4YHO7ZzaFx-LL6MzJec__ZGNd5asxMDplrxZldDTSgChVDGjdVQ2Ryck0pcPrIqG4svGa2FV8eWS5BRXiFw_V4ImDaXS3kJVG9MpcvebzkpMimKw5PFOEY8I7tFWjLb47eP1yJx3OeFFGmz8Sq5HBhGW7xbEkSd2OYtWczlPYTOWVj8dDnYUp8JIpsk7sIXufKCCcZL6B1owGg1vwS-I6UHiGT6aGkL7OzFAmrSmvqTt3Ofk5evJIj3cm6pQ4k_YITZ7Bcuiz4XEZNmK-h4RGUpt12L7KcZFGt8qb1PzdaN49RKHTDA97W6ZztsguKKG4KAvKQYci9DAeuXvzhsikknigNGYwiiz34xkupa-lksnhO1OsYx1PTVtZuQsYfXjsLVQCv66I2E2rxv9-EzsfQ-03syErI_Lrv75oKh8abKN3JnIK9jWkCichjGaXylaj-Hzds51c5bTK_ew3fyDoH7M7lR8GF1kvPTWY83nsoLZQRp1bPvmPhDTLmvCE8d1SDW9O9H6Z1AzgUDojR_3s9GljSnsIBJGYvq0aG7buw5za1iAVkrQoazo3o8_8sM70kqIhEy_3IfKz6CDXNZEXEBk0V45H57pSgUiokSCdV3L14Jze8uwJTf4vfbsHjKTSeh5DstkhjWkqLoYc994yFHFR6T2pE6nVLrfUL0XBnataHvDpCsFXDp4ZEU9TjqtsK2ULkuqYl0ylwujer4OMI02q5dV6MUqpWKEbiZIad3Y41i5pzVhs_gastPk1hziULIEvW5zRzK38gXprSzZcPsO0XBDbM5SsxsmNZZGmRVOaIcg7VSrF_5KSxKgP6Nlzofb1UXsvSZvJQI61U_vF9FFaSfBtmftr_ZYBnuaFMlvNzl9Wt5kD6kMUhr5B4Ri9WWz4__EmD9h7n4Wcwx7IVgSXu7_0HfcEykd_zAyMm2BsX-zV9PrZMgUuKwte5bdWQq7IA_J5YFgU8vtCcODqTYHkkx4DZW4J8AIYpKoIFiVYAPzXd9naAgkezqvBIK5YomCNms70IGCeIHPHO0zcqshgY0r6l1Hps_KfBf5n4onVYXl560AYATtgM30E1ERuv831qZYSGtRW7Jku8wACuDAt-Dw-bi0iJiyO84b57NxRiH62l5lnLBa1SKQFIozsW8WyBIgF3Ro6zmckFE8I-f970obdZ-UauB-oB-FwZx2eJfbCdwHShKtaklt0ev_XRBW7qI-O2Ka5ltWb_jWm7X_X0OYuFxc8dI3h3qty4pV3qbgmXjd9_DhkePf30QIbJD27AEgEuldeJM38xtAJV1a3STqc0x8Y1DIMjW4zYIPweQuVbRyIVRqzpyRQ5N599rsHr98sW6N6eCYP5gmD0J1IEw4WitG5n-OkhNsk2yccJeS1T26bsR4CnhMSm18wxPhMgbZKlX9RdXYwismlUBKzyM9Y3Mmy-cvjs5CEjWSDAOaXOlgfON6iCUNr9ti8ixcgx__43BnN5y_zIIGT7bZhxNaDxUW89YClKcxvGVDHjYRE00Yd6D0xpYVSlX-06u06KlXWIVG8gJMYcdo-Fh9TnN9PaILIsr-IHfoKfohp7AuWpDB8k1Y6vuBiDYuWt6mvo8wfdt52domGyyCSJiQ8RlV6O9gw2MN2mWG8Ic632Ep5zr5-7fRXMFqAptqLQ8lpBnRj2nwb6FZAy6UwT-FsTGpr_JqNDhajkF5cWhJUkL7NtyWFcjdfa6y1cSF12ZDhn8Z0tSQT5Zeaui-TyFsvWvj8zD7jbEE_3bHcVXE8rLcN2NhxJJfn6vlskVc0AEP0e4pEsLjkw-rqPVA4gz8wIaYvJej0TvBPdKT9-MKsfk5j5V9nGxdNOsE7fUdRaykTZvw0Lzv8LnZoviEJvw9iUv-6mhJA1Eh1w0_YBjrA48TSDY8bOwIlgnvXEeSPqgM-aCiFMtkuTXWBAjW_LTXxBbKbQZTUQxy58V20bKXKOoIDTfY1XsohYvtKrTWG8r6Pd7Ogyr47-UCfJGh3bC-a-K-RvJrh1khMpr3itS0kO5MkoMMrDDGEt4yDiSdlZg0Le_TPjd4gZtQqaTyNN43XjeOmgRkCz4_Q&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&rfl=3%2Chttps%253A%252F%252Fsharemods.com%242%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 16:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80006
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 16:37:08 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUduT-z6C5qXlFfZRVz10tuLWfD_B_vH1464B-NJ_CacUPd8mYRXT1feEt-aQEzMKO_WTVYyYgKkpjVzhdz0U6fF3xC6lGp9HGcxZGD2XaFYuUiJYqMgTw1TR9sIKvjnuqXs8yMBqm7ECA798-3gl9qdQdWqybPlEXc2DFhQXT3dPoTOO0K0xFUUglYdDcciCsNkqMiC_YV51ibw5pvQh_NAgf0rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 14:50:34 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 30 May 2021 14:50:34 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D45
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLOmOuW3TNDVab2aVHOl4gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUduT-z6C5qXlFfZRVz10tuLWfD_B_vH1464B-NJ_CacUPd8mYRXT1feEt-aQEzMKO_WTVYyYgKkpjVzhdz0U6fF3xC6lGp9HGcxZGD2XaFYuUiJYqMgTw1TR9sIKvjnuqXs8yMBqm7ECA798-3gl9qdQdWqybPlEXc2DFhQXT3dPoTOO0K0xFUUglYdDcciCsNkqMiC_YV51ibw5pvQh_NAgf0rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 14:50:34 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRjIIumx4PfGLYovRr7Mnk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6D45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEB-qHur4UDLUcnOb4nPXgKY&google_cver=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEB-qHur4UDLUcnOb4nPXgKY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUduT-z6C5qXlFfZRVz10tuLWfD_B_vH1464B-NJ_CacUPd8mYRXT1feEt-aQEzMKO_WTVYyYgKkpjVzhdz0U6fF3xC6lGp9HGcxZGD2XaFYuUiJYqMgTw1TR9sIKvjnuqXs8yMBqm7ECA798-3gl9qdQdWqybPlEXc2DFhQXT3dPoTOO0K0xFUUglYdDcciCsNkqMiC_YV51ibw5pvQh_NAgf0rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:34 GMT
X-Proxy-Origin
152.89.163.12; 152.89.163.12; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.183:80
AN-X-Request-Uuid
5ae6826e-a52c-49f9-9f6a-efa5ab755ef3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEB-qHur4UDLUcnOb4nPXgKY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D45
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0MTEwNTQ1ODIwOTA4OTQwNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0MTEwNTQ1ODIwOTA4OTQwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUduT-z6C5qXlFfZRVz10tuLWfD_B_vH1464B-NJ_CacUPd8mYRXT1feEt-aQEzMKO_WTVYyYgKkpjVzhdz0U6fF3xC6lGp9HGcxZGD2XaFYuUiJYqMgTw1TR9sIKvjnuqXs8yMBqm7ECA798-3gl9qdQdWqybPlEXc2DFhQXT3dPoTOO0K0xFUUglYdDcciCsNkqMiC_YV51ibw5pvQh_NAgf0rw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:50:34 GMT
X-Proxy-Origin
152.89.163.12; 152.89.163.12; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid
940f2853-3b1b-442a-99cd-c0cd247707e7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM0MTEwNTQ1ODIwOTA4OTQwNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 71BA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
1572
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 14:24:22 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 1D97 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
1572
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 14:24:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 49C9 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmHrwv1eSNSeEauyUoFNrie2YtSUMnNAKIBqZV6Q4qFjzxlDde1J6T_hwNX0JXtOa7ouzPrVb5NZIiQw4BukB2tIBJlmYXw1sYLBFhoVEYcmm9_eIf7ZUX_zyYp2QpIepnWUJpciGKOJp8UVycbqclhAt7VsOOwuEcOArh4QSL97BhzS3TgLVhyRF6lB7XSVzeccA-mzleCx4UdDzlkIizInEooI2s470G_PmqHqrq_SKVFSiIG0XM0QYpDNJlIeP1P2x9_sIpWGpi2I2DeB1MGmfCBZx07bNVKkR76tXnZCXu_rUEenODvIDC7pXbP_wpe5sUPf7LxTgVncRSkKmFjOu_Ke0LjNx8JefaunKnfg3_ElZc54e9r4giRO8gSxGgEJ_c-7R1wbgzMfbk5EWY2djNeCTw8uk-xfgml_Ll7AZ5-oaN4m8QSsNLNK_i2OWZr2jRO1Sp6oqFdbqHppkHWzLXM4AqMWFPNgEldVhD1LhyQ8B7dgNyqZEwVsqDO9KkZLExAFVv8fcmCWv8DxTAKvubRpI6ybN-i7DiHjHCqBSiGf-jjCa8xkAM8OBP8fzJvH_naOE29BpGXT6LI5CIb6070veqNSqcejMMnAjC77qCn8t3GDwQVnH_TrkVdxiHofBqYA49ZMFZqJ_HHZ-dn7b6CG3Nz_r6i7by-v4Wc5l-ogFBa7-0fWJe-Dq_dJ39ZYwj2EIDLKxBPhQeK7J3pJVR-plGeCuxzZcp2IPKHi5EwkDBZEwUuSbu-fZUb_cIb9jUtJ13x0RjWzINIn0IaYzkhipg6cKbkm1Z92rFr_INnMQQ1ZptHLMzAakyO-yb9SycSUSQaPT0sd_oOVbU0Nk4Pg83pOm31W7qaaApes1ZckDOHmyxtmcOAT1GjuOw-VH2Cv--LrCaKQXkEspenzwirQRSWwZCcY6uPBSOdsH-rYCFCHOfzxqjKEeH5nMmkgdHvFu09tCwFL9g3UT7owIaRc7u-vG0-8FwdZQJz6swGRL7N8aeIievzakL835aZReeBFqMibmVT0aus3wXLcVRWLN5DmRLPMzWaG50nrREycqi_2dggX8px-pDh5Z8KoS9Cn1PpGK2cL1L3mXgdFpghtAUnXFXr6CqrSaLnCzmkGOvINT9S6ngm8G-J5rygGHLpePNYGzVMwXLCYX9CZ_MromrQ8_JWopc14vR0pUTfEXyv0QSHGBlVHE&sai=AMfl-YSwm9e1LEEZzlgjkn9DfQZSeHKvJV5jj9N0Cp6vxlexrvH6JOO1iTC_f_A7W01ipvhCxnfkq3QXuw4iSJID0Yiv2BcMxrbX4vvF8B4Mo2h9rr-k8jdFi5OSp0k8lDlwcitAtn_eF5DBz0I0YPmwvUcXy9syIyBdxd7Px2hFKy-0ThXAvdyCvqnsmfamu0eBq4Z7_TkG3SFKbSNAGEa4_uPmMmLGhBCyxBqVEbjtkg&sig=Cg0ArKJSzBtwj1_Fy5y_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=38&vt=11&dtpt=36&dett=2&cstd=1&cisv=r20210524.32453&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0nhbupPZF4QbHsYREOnAgjQqNpx52dVOR3VGg1Qc8g92cHyK6xYj9eFdSJOO7OLFOebwyKw6-ybMORFKCstBuRB-jyN_AfMpQecwvsncSHQUYImEXXufbicBJoZO1FyDg2R5hWCaiEPkaASoicUqnXb8_fw&dbm_d=AKAmf-AiF8ziJHckczzkaiN2-4L7YpbnQtWUNYIw9zVgNnwMsmED9zWUFAvVLQu9DItiXMnveZ0mxaZVkm3ZBiFQuLQEtgg32hd7Qq4L_f-0uPjGf6AXf31Pvn-Ukc7RjRsXUUL7G8_cSEeUb0EFGK-2uBHD4JjrG9YH1d47HR6avQz4uJFtxnW8VU4Hmq8JUgKTtdOQSEz1wRzX_6743u2Q968WHq_Ddw7t3pesbTzumlRBt3sV7sJF77OA7vCa5qTI2yL6VGgX_7Y3YHx1wolFgl6eKISxMj9yhV3880ZwziveAZjL0n2ZjqfPI0-oS2mav4OEPJatjFjCEhCdQIpTpLygaLK1rNSkPwFlvHetBIvZlYW3weVkbl0vFDL3bgxo2pFKegc1vvY1VpbCjETNjIwgIMS5wo-M6jWQJ-YthDfYKNsixvA2wsBjX35wmdJHgUD0xN0mcHxKMq9fAw4mmHfqq4jMg6ku1Dli8BW35zsF1nyBEUBd-7f7dFX1nFhg9-vwC9pT6CDvwfxpNMpKlDOhez2qtBuFawz1Pdpy1KMcTTCwEMXUuEZVfq_qefY7ZL-qoYfJRHk7WfnCAmnqwXiygYH0ygGNkPL0qx6TVFCpW4KeWR46e8QkUGbJykXi_dxSf5OSgycd6_GhLKWVfvtZb6g6YftCl8pMSr2ILvq4q1CRjnM8mphL7QGViIEush3X2tuX38dp8aWLKbyAnInut4zqSrnwC-HFkZH4vVf7tCUb81sz1u32Hf6xtb-fQejwHB6W_uJkbe5FYo9dYg9K9qGNPz7xXuuIlxkxv0xpamjIYcdEHM6kBRRplNV7rzLURizs53zO899O2oFM9Fz0kXFFrZTQj6U7um7AVYywDEXDY4dbwWpHh5ZFX_TGhzUMvz6G0623AqqpNig4hjLR5zvGMO0cGEjyM5yb-7HXCYabVky7JrfgV4YHO7ZzaFx-LL6MzJec__ZGNd5asxMDplrxZldDTSgChVDGjdVQ2Ryck0pcPrIqG4svGa2FV8eWS5BRXiFw_V4ImDaXS3kJVG9MpcvebzkpMimKw5PFOEY8I7tFWjLb47eP1yJx3OeFFGmz8Sq5HBhGW7xbEkSd2OYtWczlPYTOWVj8dDnYUp8JIpsk7sIXufKCCcZL6B1owGg1vwS-I6UHiGT6aGkL7OzFAmrSmvqTt3Ofk5evJIj3cm6pQ4k_YITZ7Bcuiz4XEZNmK-h4RGUpt12L7KcZFGt8qb1PzdaN49RKHTDA97W6ZztsguKKG4KAvKQYci9DAeuXvzhsikknigNGYwiiz34xkupa-lksnhO1OsYx1PTVtZuQsYfXjsLVQCv66I2E2rxv9-EzsfQ-03syErI_Lrv75oKh8abKN3JnIK9jWkCichjGaXylaj-Hzds51c5bTK_ew3fyDoH7M7lR8GF1kvPTWY83nsoLZQRp1bPvmPhDTLmvCE8d1SDW9O9H6Z1AzgUDojR_3s9GljSnsIBJGYvq0aG7buw5za1iAVkrQoazo3o8_8sM70kqIhEy_3IfKz6CDXNZEXEBk0V45H57pSgUiokSCdV3L14Jze8uwJTf4vfbsHjKTSeh5DstkhjWkqLoYc994yFHFR6T2pE6nVLrfUL0XBnataHvDpCsFXDp4ZEU9TjqtsK2ULkuqYl0ylwujer4OMI02q5dV6MUqpWKEbiZIad3Y41i5pzVhs_gastPk1hziULIEvW5zRzK38gXprSzZcPsO0XBDbM5SsxsmNZZGmRVOaIcg7VSrF_5KSxKgP6Nlzofb1UXsvSZvJQI61U_vF9FFaSfBtmftr_ZYBnuaFMlvNzl9Wt5kD6kMUhr5B4Ri9WWz4__EmD9h7n4Wcwx7IVgSXu7_0HfcEykd_zAyMm2BsX-zV9PrZMgUuKwte5bdWQq7IA_J5YFgU8vtCcODqTYHkkx4DZW4J8AIYpKoIFiVYAPzXd9naAgkezqvBIK5YomCNms70IGCeIHPHO0zcqshgY0r6l1Hps_KfBf5n4onVYXl560AYATtgM30E1ERuv831qZYSGtRW7Jku8wACuDAt-Dw-bi0iJiyO84b57NxRiH62l5lnLBa1SKQFIozsW8WyBIgF3Ro6zmckFE8I-f970obdZ-UauB-oB-FwZx2eJfbCdwHShKtaklt0ev_XRBW7qI-O2Ka5ltWb_jWm7X_X0OYuFxc8dI3h3qty4pV3qbgmXjd9_DhkePf30QIbJD27AEgEuldeJM38xtAJV1a3STqc0x8Y1DIMjW4zYIPweQuVbRyIVRqzpyRQ5N599rsHr98sW6N6eCYP5gmD0J1IEw4WitG5n-OkhNsk2yccJeS1T26bsR4CnhMSm18wxPhMgbZKlX9RdXYwismlUBKzyM9Y3Mmy-cvjs5CEjWSDAOaXOlgfON6iCUNr9ti8ixcgx__43BnN5y_zIIGT7bZhxNaDxUW89YClKcxvGVDHjYRE00Yd6D0xpYVSlX-06u06KlXWIVG8gJMYcdo-Fh9TnN9PaILIsr-IHfoKfohp7AuWpDB8k1Y6vuBiDYuWt6mvo8wfdt52domGyyCSJiQ8RlV6O9gw2MN2mWG8Ic632Ep5zr5-7fRXMFqAptqLQ8lpBnRj2nwb6FZAy6UwT-FsTGpr_JqNDhajkF5cWhJUkL7NtyWFcjdfa6y1cSF12ZDhn8Z0tSQT5Zeaui-TyFsvWvj8zD7jbEE_3bHcVXE8rLcN2NhxJJfn6vlskVc0AEP0e4pEsLjkw-rqPVA4gz8wIaYvJej0TvBPdKT9-MKsfk5j5V9nGxdNOsE7fUdRaykTZvw0Lzv8LnZoviEJvw9iUv-6mhJA1Eh1w0_YBjrA48TSDY8bOwIlgnvXEeSPqgM-aCiFMtkuTXWBAjW_LTXxBbKbQZTUQxy58V20bKXKOoIDTfY1XsohYvtKrTWG8r6Pd7Ogyr47-UCfJGh3bC-a-K-RvJrh1khMpr3itS0kO5MkoMMrDDGEt4yDiSdlZg0Le_TPjd4gZtQqaTyNN43XjeOmgRkCz4_Q&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&rfl=3%2Chttps%253A%252F%252Fsharemods.com%242%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:50:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AA0D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 29 May 2021 16:37:08 GMT
expires
Sun, 29 May 2022 16:37:08 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
80006
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 49C9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
385ab5b83c2bce7d98cebd584aa90a32fab9baeba455b22a59f31e96d90d94a0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 16BA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
1572
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 14:24:22 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame AA0D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
1572
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 14:24:22 GMT
node.php
node.setupad.com/node/ Frame 0869 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 30 May 2021 14:50:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A04 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052401&jk=3706316484090949&bg=!FBelF1PNAAaMan2LjGo7ACkAdvg8Wt9ESkAFzr67IXinPNtnSmZKgvW0Q5VHCzz4oEsYYa3H9f6ongIAAAEEUgAAABpoAQcKAMYRecv8waf60Gm01IQGVitAXk1ABpKmQiXN0tM_GdUY2wtOmgNmHzK7lwt_hrKWB6QalSppKRxtMkinvE09mRSiEU2NqI7T-sev0Mnfd6tirAwOZDJ_T2bBgdWafHTKab6wigm-9AqqFve15mnrE8aPg6qRVO7Y1pyXOf3BP1yIhWV-yeGZ7FlFS3IwO_HUt-q-aBGkECvKQpSJsGuCbMGdGKzosnKO_FQ2LCNJLQeh_il_mY41spDt32TsIzaJc3wBCWPfrQWZAmPrU6XrXAo2U2oJj__L9OnMuyerRPdEFn6OApG4NygYS42LI6hNmyYLzgWCEjvoHqohu0bydVb0k7DT14PwEsoq3fC6BbG1_xDZPW968gVjjdoZLaTF0oyaZw17-J09DDWBLgbODfLe4-Y517R5nwb0uHuvjIRRCaMWwWPc4VvWtGLEYQey0uk_Sw_WPESjSYK2B-ZRKMsGv6ImtFl1LyDSjBfiVhX1xnsK-1XsiKEu0kkOsPPrJP5e4Repws_w2y12EZjSZ88gzxKQs15rTZqiVlLpFu4NLqzupD8QHQW0fWinsU7MGaTKcH3WYc-GsfjRd2BaFRkMvYlu8Sqj9QVAy1Pa2wYR1cCgx6Gr86i_B5X0MeebhIoUP5Hvs-sHRRfmFUxq0RlrQGEOgxvVwmUZizyQPATaETUYdwWI72Yzd5FxngaLbqDBr0Ii2ycGpzVj8_QWYbQgfxQZlYShQ6-y8HS4WiexU8PJ6lyiBHEc8WANrLVRRHyT-HYDh4s-mnOaThGX2Eo37Jv8c8YwcJCXPnBVacalG20TPAkatlPPt15a9-HdpF-ypkunLsFxDTpCc5glTRzfzzskJVcOIj66BeMrrV4fOa2ySuD82vApmdQ8564X4jQDCuot1evhSA33NL-OjKsyb5AHDYVJqjjNF3fOJYI0QcMYVlr-9H5h779EH-FzhmE9rk_OW_Um--V3wWoyEPC7DactWIbuzKR3XLLYIcG-8_dFRvS3wuVPMt8ShTCMrXB6fW121mYbyVGrsg14laYc_BQbPIdFUoL4VDLYWGBWujYVkzr6M7kCVe4N4A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5034 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052501&jk=4277451294619544&bg=!LS6lLmrNAAaMan2LjGo7ACkAdvg8WugNulh76PyFTkGSxv0VHhjfVQjkrA9JAdsxTbxldxnLBSZ2vQIAAADiUgAAACFoAQeZAmTR0G5x6Je9s_qZcFLHRuP7FGB24y1c7uvYsQbywR9q_4MiEgHnWdbPBPU_7lSFtF5NOx_ecFePvN-t6YGNi-kRKSeyxu9REcyCnD_teXAlnXV-FIAXQzCbRGpvjQSg7QP05cZd3ewdezMfI3ZWMDAonaR75hTOVygp9DrVHu2RyPGXe2vIG1HvbupVQuyFUAqe_y7XIb9_esZwwmAbOx4iejD9u0YbDfozraZ5omvm0J5w_05fwPB_40-icbj4qhg-_X4ulsxGvocKHa59BXYlgO78kBLGDti8EES4AwTEjDJ2xZ7K4vC17tD4iMbGBfVVi6aRYu3BeJUcM-Fqw2YSv_S-XQv_suGUeXwa5FmovGRmPNUwZoH7xHhlUSd-Bscq5lQspccUqy93JmdVvcYpHMoR3Z4CapNxlCSoucah2F0DB9AmS3uifPPrcYdtDBK0sSt4jY2Wf8kaLsRf1Po6Tj6pNYltAE9Bb-A-6bppjm1nd-2PZU9YqIW6_wKiOSMF5_NkGVuGEeBqe3TxBF5gWEXbgE39aW_2oZmzMGDMgbPnc-LHSoRqy3E0dRF1vu5R5mMkcTzXx4ULNr1rwdBWbHMBU9P-0BpUzWJxQhQPoq6zxwJw76rjFtiOi7kqF-WcLpy6-ZP_4VBnDZuA6XY4hyVVPxnEiJdFdJJJcmhKP6DXnKR9N9QT32T7Y37eOaHX2lkrN8TC44NFMHOvyyLtXt0iROLF9dJjs1Z2aXTnzU0RoMwSiVj2GH2G7qI0scgoPBBJGySMMpaE5R9Jhy_Rs_GImtzA7vJ9pfrxTTTyOcijMsU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0869 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052401&jk=865751947611522&bg=!X1ylXBjNAAaMan2LjGo7ACkAdvg8WspdxAQwPmVwbnH2AXl-5I3iPdxnxifD0N0BGD6VNIi0Vq2aQQIAAAEHUgAAACRoAQcKADy4cg5jKfk0yCXJxtdlx4oL1OUH1fUrJV_3ulcONtNFfzLk8QXkbxsI3YzVRIABBNhhFhf-L-Y1MWqbls2ZAofXlCcBk3W6xAhz8dDnxI0NcfY6vs4D3g6ffUeP-t3RBwv8C1_TgTALtNLTnQloP8zMM0-7E8htfqdxTSfX4jLQ_5nW-LH3zZ-cHJ5xpIbTz9CZajIyxmhW-7CCrAA3NUEkXKmfS9Z7wMvNItC5Y9cr8rsbiKUp7MsWjmvaGP5j3Yyxe8QTnjMvG1UL1W5IYo8srpS42ZJRMk_BhvM37s18UfDB-AN2c-mMUaC8RJk1jG4OPLqf0G94NUFlmSZCOrWvGwY07Hy4RRv1XOEMadOI5M9oD-PEymBBCJE7aiSqHvwKGDJlsTQOUBetNwcsxtj_D7ktuCmGjMUqhzfgHUDnOHijzs2rABN_KeRXRnHqEFedPlWmirl8QHahOx-HdYn0vb1hU3cqeb42BVysBG344NXcYgNjeK47gwRkh9vBEoOiXTLKDnOWr6Z-zDs86Y_1hy4pnCaXFhjxjLjhpw-eOWEANUJ3xTHoaEc2kZhI2xzNoE7d3gax2jD_bDXwZQPl9eoPUPV5txts9fKhg419ylYccItOyKGjIKFO0068Twav0mGX87qmaUc5bM55LkP6g9AdvapiNMa9goI99OfmJUZSdUQAMHy2O7pr9Y3ePgqMcWGU9S9dLOGcchTj0iy5SOJGi_hGibI88qqy5vLcwbqzgR-44oFFokBNgesXgUdELbWNArmnpfF-M8HL-MaOiYs7yIcVgny-GKr-auYOWK9qDR0zOpN-43yT7XokMyQDSLCRfTjiGO5mZFc6WWHwwt2MNTADxTUD3AjV1PnU9gaIgc_CQRoCwgWWdRR0YF1GJ8r9l6sMmTxx3kLYwi61xYKAIy_5ro1VLhxn5drVAGRTLM4SeA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA0D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHX9FOaazYPCrOJaPrATRn7voBAAAAAA4AeAEAg&bg=!jY6ljsrNAAaMan2LjGo7ACkAdvg8Wtvb1tdMSHJREdbp-mlfqXjwK9n1bMDlRFqt_Jty-CF37mZi8AIAAADXUgAAAApoAQeZAsYjNJKwHMzoY6E9c5eDaOiy2xm5RsRGMf2cqnrq1rcPwfg50dCyhLtQX_FNDHNe0Hemwral45dKhT76-Rdsqw-ZlBrcFNC0kKZ-or7xuuArutNcMWT3DhmeqWYi9OKBzJHoQ0LvcAAd1UZrGABAUb0ZOeylt2cdMvl-WJYChV8m9Jha52bHlrZyhIKaHmVZAvFriwE-ue4m74eVb_i169jT6SNr1hXgZiu_njTFpDVWKOarktrInS6VgcevUBOX-3k0fJeZj8cabrzqJbM-FznLn_D9G1s8FlrJuhnyqvP_Zgi3citex5WzEetD0eN4xgszz98M19mmjMS9en7umSHmKphqMvCbqBVnmQYg8nkFXqmgeSqDwpivQPrTi9aBu6RvwvDNzxuMdc_psMa9mvosVeVXrgTqebxfLmaEVcR4_bIPKkg2D9LfRd1rbxCTj3r8We1YdL8i1f0xHJrZbK6gExNsPgAwJWa62hsAenyyAAAge-dHV3oMFs9ce2-Rbd0R1tnpDdsjMZ1eg5N-uXno6i2u0lh2a4GiZxUhqpfzsVa_5IeSw0uKOcnYjySgUu6qok28bq6I81Zp-Q03DrkFFBIPctwa8jBAYLAdv7SFT1pWlKtAVBHqNtkz8jB00CZv10acC9zjHRhiZWeJNGf_cYV8zPbBl9-PAk_kCJbFaOBx1L6A-SWUEDmSbzpkoLNznsBd0CGV3smt85WAQe2brXNZm6bSuI7ovvbZCw56UXoHqoO5mISJOyyBQ0y8ibnWLhYNAJMdRZDaK3KSMjGL5_kNXezath1FgfkoYutU64c8dprmzXUK8w2gnlz5EsVeqi65bxHxIpfhJnPi4gwQ0nwPpQtp2HLOHUDE-kceVNs28er6JnuUpFyAgHegqIwghy88fTQpKELbIqOPje_Ptj96iYNgLBKdCNanm7PC0tuETXuhMQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E19 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstunQ_msWo9uHd4sbcbQryDseJiaQEPJBCjyDfF1cW_xR_jt_gqe-7qPkTvyX5wwsim033Uq55ZToITL5ofD65J5yCGlxgvUyjxvAP5U2axWE1d&sai=AMfl-YRaUMPf7dit3UTWJDODU_U8Umkz0aYPmicFg0FAqWLIUNh3v_32vLa8DsnsS4l_0wr6E89mrAaLnY2Faeh3kOq0SazdjBZmsjR9HfQx81XjZ2pelo8EyCvrJmk8VlU&sig=Cg0ArKJSzALBQBoLbUstEAE&cid=CAASPeRoj2gxALQOLFcp2YMhqvtIqczllzuzUKT62sdBvcX2v2aLY5KEbXuqwI07aFDK76luyB4voLziVVBbDV4&id=ampim&o=1011,389&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=221&tls=1221&g=100&h=100&tt=1221&r=v&avms=ampa&adk=3427453152
Requested by
Host: sharemods.com
URL: https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8F41 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=1&gdpr_consent=CPHBH4wPHBH4wAKASBENA9CsAP_AAH_AAAAAG9td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEilMbO2dYGHtfn9VTuZKY797s___z__-_____75f_r-3_3_vp9V-BugBJhqXwEWYljASTRpVCiBCFcSHQAgAooRhaJrCAlcFOyuAj9BAwAQGoCMCIEGIKMWQQAAAABJREAIAeCARAEQCAAEAKkBCAAjQBBYASBgEAAoBoWAEUAQgSEGRwVHKYEBEi0UE8kYAlFzsYYQhlFAAA.YAAAAAAAAAAA&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 5346 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 04:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38659
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 04:06:16 GMT
file.mp4
r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 5346
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E6B2F62FCCAE353702EB07C7EE4FEA381266F5A.5A2CE627B46D8E149CF9D5AFE2324080398576C7/key/cms1/cms_redirect/yes/mh/w-/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1622385870/mv/m/mvi/3/pl/50/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:65::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:50:35 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2227627
Last-Modified
Mon, 17 May 2021 13:13:17 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 30 May 2021 14:50:35 GMT

Redirect headers

date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
652
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E6B2F62FCCAE353702EB07C7EE4FEA381266F5A.5A2CE627B46D8E149CF9D5AFE2324080398576C7/key/cms1/cms_redirect/yes/mh/w-/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1622385870/mv/m/mvi/3/pl/50/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5346 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kpbavhx5&c=7524307876150&slotId=3762153938075&qqid=CN-m_9jT8fACFYrKdwod5ycA2g&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.1ek
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7ADD 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Fri, 28 May 2021 12:52:12 GMT
expires
Sat, 28 May 2022 12:52:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
179903
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
pagead2.googlesyndication.com/bg/ Frame 7ADD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
2445
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5755
x-xss-protection
0
expires
Mon, 30 May 2022 14:09:50 GMT
csi
csi.gstatic.com/ Frame 5346 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kpbavirp&c=7524307876150&slotId=3762153938075&qqid=CN-m_9jT8fACFYrKdwod5ycA2g&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5034 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190411.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:35 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:50:35 GMT
file.mp4
r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 5346 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/12c55a09403ca39a/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765705198/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E6B2F62FCCAE353702EB07C7EE4FEA381266F5A.5A2CE627B46D8E149CF9D5AFE2324080398576C7/key/cms1/cms_redirect/yes/mh/w-/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1622385870/mv/m/mvi/3/pl/50/file/file.mp4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:65::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
965b2368c4e9d3305cf98cedd28573e3f83bf164a40fedd53176c9c343bf52c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2227626/2227627
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2227627
expires
Sun, 30 May 2021 14:50:35 GMT
last-modified
Mon, 17 May 2021 13:13:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 5346 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kpbavitg&c=7524307876150&slotId=3762153938075&qqid=CN-m_9jT8fACFYrKdwod5ycA2g&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F12c55a09403ca39a%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3765705198%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F2EE3812DDB4841768FA0A1DACE1422E3D37F1EDD.FFC433A0379CCE4F7C65928A31E07EAD68D7A3D%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame 2A04 		1 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1096526499&t=event&ni=1&_s=13&dl=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=336x150&je=0&ec=Prebid.js%20Bids&ea=Timeouts&el=fidelity&_utma=94093407.2089567392.1622386232.1622386232.1622386232.1&_utmz=94093407.1622386232.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=KQBCAEABAAAAAC~&jid=94831916&gjid=1635341595&cid=2089567392.1622386232&tid=UA-118668458-2&_gid=1895351531.1622386232&_r=1&z=1148754809
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sharemods.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2A04 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/setupad/stpd180803.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:35 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:50:35 GMT
dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26cp%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D...
ade.googlesyndication.com/ddm/activity/ Frame 5346 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26cp%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1622386235250;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5346 		42 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CJ8ZKOaazYJ-mEoqV3wPnz4DQDdOuu_ViipGc7o0OrL-i0OQCEAEgjeS9KWCV-vCBjAegAZux9pMCyAEFqQLa2qfgfHS0PqgDAcgDmwSqBMMBT9Bs3bIgv0Ki9KPkA0UJaAhsEpPM3D9S5Hay55J6PSLR9SEZuKuPkN7g6VIra11zCjkA2V81iBudiQo4TukARxBPUoBu8_aOmua4wz8xRkMbOFGG9q-pqOCMMJR_WeLtFdUShxCVzMg67eg1rIw1kHt73pX6vZgdw5pNUbm_W-GgXjODOlaAwjDpJRyY_RVSpEXmXW8cSctrku8ffflPN_qoMd7VzyE-Kr6Z6UV9avyue48l53xjwGWvl8x-yhuzNSTvwASL6aLFrAPgBAOQBgGgBk6AB83OiewBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBPo6dIL0BMA2BMNiBQC2BQB0BUBgBcB&sigh=wdScCIuVSA8&label=part2viewed&ad_mt=7&acvw=sv%3D897%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26cp%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1622386235250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5346 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssP58HFggjg8yG9geJ6O4DakBuksKXPTnX7Ik912Uljx5jkK-kijR2HPh4QMFwAUKrKNa5guXoilEf7ZaqXVU718uExmr9UcWl7uaGznhwFjvzu0ew_blLGytFtjBAyUbYPWC-FRiv8bSmCPlwupD83c5vVF98L-tP4uv0Q8VT6RD22dTgwzwA02w5S65EMHRgZXyt8IT2drU2PE5AMFZPPRIIHTstTqIO8M7Knc1SkQOIjcMPS2ucVRkz2OlDANJ-einBixSda5s7QnEhkbH5u2mw4oKbW-AirAfnBA7oh9by9H-ESuo8V8durp9k96ZWQ1QK7h9SUfmVMIILSvnjIiQj34JPU7u5O-E1HaMEZc6tfwuUILOBM-MMNEDhbzFL6nhBOP859rLJY2JHxtEgTmZS7OgMsexlUNWPOoiOOc3Ktu80WU-s6UJG0EF_RPKH3h01GYSbrLc9Vw2_61Gn2vKxo7IC0snDQtcUXQoVu-pb72EZZlkZjuS6mKTCmm9Cgw2BtvDkDqUMituf26hWJMlBqwvzLILcW7Tt5a-uLfLmbTWmEn83AAdngIhBuexLhC5AhRwa13VrNOL2t35qc9VgRiBmjhJsNBeNZtBm3XSI9EPVh7P-S8D1Ee5Qo_zsHqLOc01WrrIFseXR0Cu2U7ui3EdTwzXGnVzf5d41hlkteFTeGJ5VKV7mLe0g9TDWlCSGanazZEpDa1tFsuq58_yR3wxiVg2tHMbFkUjIl-1nSgNg9DZhdY_zqMnJqM-n0iWMiPNzo8c6VsxGPE2szPFUQIEs231x6upM6V59cGIRO8mn4S2DmUEU9A2vAcmpcm_CfPn8AG455JyynmLqzHfYjy8UXTUEL7qqXB_HQ9sO9xrBkPwx38O4VwLnn0RShZKFV2H0s5curr7g-PAjrIGL3GCbYhs619LJxbPMIRDhaC5OHPU3u9IN_Yqw1VEV0kgTI2wypRbGAJCEAcT1e9k74hP4c8Vyd1dgZvK6xb-Vhqcot1NB7l33NI2enivFcbklzbmaxvciVO7-PDlWjZjXodecgedW47Qxy7j1l4zVcL1tdOYeBMdwN2NQcIrwkrX_ECa9Sp1rbBM3nKgNRSUXp8kPMJn6v4c9tlA2RuaNEKg&sai=AMfl-YTuUhfsOPfBGhOMOxLH9rN-Lf46xIqZl_LfZQxtN9E0r6Y1Xv_UrbLB6ieg5j2Gl3y_nu_zBa6f1OniUrM5ZKLuTR_00B9YfaEfYEDy90s2kx1MYXAPjOsJkMnmBiOEUMiHnsAzIlVJXH0KophL5Bd35yJ2Nopi06RXt3E&sig=Cg0ArKJSzAqLq0E4B02xEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 30 May 2021 14:50:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 30 May 2021 14:50:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5346 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYusPaqQEgATAB&v=APEucNVxaJ8N-4pmr7ENTz8UFP_O8oUXQwHvNQ_EbWIaXGT4iv0pm6qnIPn_yTwPYj9-XXSpac6YdRJjiTDW3xX142p7UCqX4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5346 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26cp%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3...
ade.googlesyndication.com/ddm/activity/ Frame 5346 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26cp%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1622386235250;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5346 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIaK-RyIK4QFaOFhSwX49I9jNIOrS9O-ZQw-sKxFiMHoH00EpmKz5Z3al8JCLguVzY7__wGcGLgTiz5Vk8mo7_zH_gIKmVyAkASbH5yRB-WvioVNij3I7vZohG7Q&sai=AMfl-YSKfsH0Kk9rEeS4Ptul2oI7R-RNXtNlz8XW276i6idaRbLuRwR48c8fVWRw5t7LquWEXQLjP5yQ3r1mLXulpo5-CvljU6kLiv32KI-_drDlKG_1xTzo0OyLIVbqA-A&sig=Cg0ArKJSzIahJ3Kl-8fAEAE&cid=CAASFeRo7bHJ50_SWukUDRtg3N9pJueHQA&id=lidarv&acvw=sv%3D897%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26cp%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1622386235250&avm=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5346 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CJ8ZKOaazYJ-mEoqV3wPnz4DQDdOuu_ViipGc7o0OrL-i0OQCEAEgjeS9KWCV-vCBjAegAZux9pMCyAEFqQLa2qfgfHS0PqgDAcgDmwSqBMMBT9Bs3bIgv0Ki9KPkA0UJaAhsEpPM3D9S5Hay55J6PSLR9SEZuKuPkN7g6VIra11zCjkA2V81iBudiQo4TukARxBPUoBu8_aOmua4wz8xRkMbOFGG9q-pqOCMMJR_WeLtFdUShxCVzMg67eg1rIw1kHt73pX6vZgdw5pNUbm_W-GgXjODOlaAwjDpJRyY_RVSpEXmXW8cSctrku8ffflPN_qoMd7VzyE-Kr6Z6UV9avyue48l53xjwGWvl8x-yhuzNSTvwASL6aLFrAPgBAOQBgGgBk6AB83OiewBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBPo6dIL0BMA2BMNiBQC2BQB0BUBgBcB&sigh=wdScCIuVSA8&label=vast_creativeview&ad_mt=7&acvw=sv%3D897%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26cp%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15018%26vmtime%3D6%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1622386235250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5346 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~kpbavivc&c=7524307876150&slotId=3762153938075&qqid=CN-m_9jT8fACFYrKdwod5ycA2g&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&dm=15000&event_name=first_play&asset_bytes=211110&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=videopreviewstarted.1ju
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B-0pIO6azYP-gAomclgSDtIeQAQAAAAA4AeAEAg&bg=!4-Cl4KTNAAaMan2LjGo7ACkAdvg8WhXnZLzePwgRQie5hGGRodDQ95A0Q-Cr-1IyRt6qTYUUM_B5MwIAAABoUgAAABJoAQcKALl_s4RX-DA_r_uYMbCQiuqC2UykHz8E4CEZ3vqxOo-5STl2sLZ6xB8PK7bj9_1LJcnRG3qZmvkvTuVTfOYuXJqOpc4VKblOj-d6b71SQuCYyCjlIz-DK0z3b0GabzgNr_3SPnYu77JyAmnEXJPX4O3eqfbssR0BRS9cRSJRqfHOnNhWqshGY_Sl4FdFcfVexV1sHIsfFEkVaPzrr49XzwnRMKn7LxIEhlT7mAPovwdnpuYGY6AHe9WN35kCxbjVLQLV5xmbjCHzUpuoW0oHbkLaq2epxwwUUJOZkxayoqKY-z3QCxnQ2wvA9KVfpfk837psC01u1sFYsjD7dZq8-OnOCEtCQzTtMb-jHmH3-x6UzbMyU-od8nJdfiviN9ZBILLdAw1Qv-HjgkHu5WiehUOJSa41SOxBpT3SCESrR68SCGBqvLGTX7Zeh4jtLZM1198q9V9nRY9EAXaRVKfpsSGgpI7WohrZAshBazRYmc1aChhi3WFKpKlbyl6LmJ3vp_CbBb2SWH_836DPcUKHRlW1XhjQqrLghuKd0Uaoyczw3-3kqnR8UWNpp6gWDgLC6Iw6aKFCp9uRJBblfSj8Vkcui7ATbSs4nUk2PiM36zSp_RhdlY4nlDJ7TI8l_q5MnOyxJC_ZECYGFkjkxf9ZZsfonUdOeiag7c5QylhlsdXqnzqYwzcJPk2JnqXOK44UTPukIk3zIclZ2mzmllt9F36HXsYPNFqn1fuPUXoKAJTlxOClss-EMK0W43PNfgzsI1X5k9XWGNZg10N4K3TNbHIXy-o-OeVGmcTUDp8vdHN5taWH7wmlUfn1Ps8_zAFM5grnTqlTQto92OnSqx1-xGyS9OXzqOT50qwx2AzNLmiOtq_bmusXybNgMyq43VC4nBFC10ynBOuMs9uY6rNd9zsz7t2xQ8VgiYyxshbrWGvnALzCrp1YN5dZ-HFEMvUl_ijBfW2BLzIoL1u5gPSJzTAVn4WA-IvyLIB8yJRtZlmG_5cRNCzQ6qleeFckx2XHFfzUzzgP_eAi4oSP5AVAZbiJZwiLFT5dDQYoUXtd90K_GE8dAnThLtMBJVVlzzD9JgVhjDZlqV6QvokPYH50SOzSQKiHB78Edxm1hcJAwJRSgEbGkaRYir3TxoAc_BXbQ0WEygSLUUOHnXvwHw6FFpSNBeAaE_qvMkScQ4ROMFZ-Mh8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 8555 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com&gdpr=1&gdpr_consent=BPHBH4xPHBH4xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=sharemods.com&gdpr=1&gdpr_consent=BPHBH4xPHBH4xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sharemods.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sharemods.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1607
set-cookie
uid=5df2a113-c113-4589-a949-a2494cd0305b; expires=Mon, 30 May 2022 14:50:34 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 30 May 2021 14:50:35 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5034 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:35 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:50:35 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2A04 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:50:35 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:50:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 49C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYEVmX2Iea9_p6BS7KUEEy3Zr-JtePy0n8vTBqqYg_8_TkenCZG0GY6FRpl6FvdevtOOFObH6KQzROZKLzf5gZFr2_Kco41Dv99NUMUQxRFgEG2DUSlBd4i2ZWqA&sai=AMfl-YQo0yJTR8HDM7Heq2LfUasITZpl-UOVtkvv9b3RbuqCdqnIel2P2E3t7ZWye-JqYTocaQn4KBC4epubBlulp5xvhgPFu9dysQ2hx_1V0ZH4ys0rJPL6PSUd4UirCUA&sig=Cg0ArKJSzE8NH24ZUPJaEAE&cid=CAASPeRoaIltfFUKxkivgbpa58xQFRVVPRDaHONQt3tOem2kH4cmj95HaGVoaZ0fxOudgPZ_Gd3u5D7yHw3lQzs&id=lidar2&mcvt=1001&p=0,0,94,728&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&app=0&itpl=20&adk=2551612150&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622386233655&dlt=105&rpt=92&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D2012,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 5346 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D2012,0,0,0,0%26mtos%3D2012,2012,2012,2012,2012%26amtos%3D0,0,0,0,0%26mcvt%3D2012%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2174%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D1%26dur%3D15018%26vmtime%3D2181%26dtos%3D2012%26dtoss%3D1%26dvs%3D2012%26dfvs%3D2012%26dvpt%3D2174%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2012;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1622386235250;ecn1=1;etm1=0;eid1=200000;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5346 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIaK-RyIK4QFaOFhSwX49I9jNIOrS9O-ZQw-sKxFiMHoH00EpmKz5Z3al8JCLguVzY7__wGcGLgTiz5Vk8mo7_zH_gIKmVyAkASbH5yRB-WvioVNij3I7vZohG7Q&sai=AMfl-YSKfsH0Kk9rEeS4Ptul2oI7R-RNXtNlz8XW276i6idaRbLuRwR48c8fVWRw5t7LquWEXQLjP5yQ3r1mLXulpo5-CvljU6kLiv32KI-_drDlKG_1xTzo0OyLIVbqA-A&sig=Cg0ArKJSzIahJ3Kl-8fAEAE&cid=CAASFeRo7bHJ50_SWukUDRtg3N9pJueHQA&id=lidarv&acvw=sv%3D897%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D2012,0,0,0,0%26mtos%3D2012,2012,2012,2012,2012%26amtos%3D0,0,0,0,0%26mcvt%3D2012%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2174%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D1%26dur%3D15018%26vmtime%3D2181%26dtos%3D2012%26dtoss%3D1%26dvs%3D2012%26dfvs%3D2012%26dvpt%3D2174%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2012&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1622386235250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
bh.contextweb.com/visitormatch/ Frame 5034 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/visitormatch/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://sharemods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-555c8fd69d-7qzgs
expires
-1
dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D3780,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 5346 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D3780,0,0,0,0%26mtos%3D3780,3780,3780,3780,3780%26amtos%3D0,0,0,0,0%26mcvt%3D3780%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3942%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D1%26dur%3D15018%26vmtime%3D3953%26dtos%3D1768%26dtoss%3D2%26dvs%3D1768%26dfvs%3D1768%26dvpt%3D1768%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3780,3780,3780,3780,3780%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3780;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1622386235250;ecn1=1;etm1=0;eid1=960584;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5346 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CJ8ZKOaazYJ-mEoqV3wPnz4DQDdOuu_ViipGc7o0OrL-i0OQCEAEgjeS9KWCV-vCBjAegAZux9pMCyAEFqQLa2qfgfHS0PqgDAcgDmwSqBMMBT9Bs3bIgv0Ki9KPkA0UJaAhsEpPM3D9S5Hay55J6PSLR9SEZuKuPkN7g6VIra11zCjkA2V81iBudiQo4TukARxBPUoBu8_aOmua4wz8xRkMbOFGG9q-pqOCMMJR_WeLtFdUShxCVzMg67eg1rIw1kHt73pX6vZgdw5pNUbm_W-GgXjODOlaAwjDpJRyY_RVSpEXmXW8cSctrku8ffflPN_qoMd7VzyE-Kr6Z6UV9avyue48l53xjwGWvl8x-yhuzNSTvwASL6aLFrAPgBAOQBgGgBk6AB83OiewBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBPo6dIL0BMA2BMNiBQC2BQB0BUBgBcB&sigh=wdScCIuVSA8&label=videoplaytime25&ad_mt=3954&acvw=sv%3D897%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D3780,0,0,0,0%26mtos%3D3780,3780,3780,3780,3780%26amtos%3D0,0,0,0,0%26mcvt%3D3780%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3942%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D1%26dur%3D15018%26vmtime%3D3953%26dtos%3D1768%26dtoss%3D2%26dvs%3D1768%26dfvs%3D1768%26dvpt%3D1768%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3780,3780,3780,3780,3780%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3780&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1622386235250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D7523,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 5346 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv6rp2dPx8AIVCY6FCh0D2gESEAAYACCFspJIQhMI36b_2NPx8AIVisp3Ch3nJwDa;met=1;acvw=sv%3D897%26cb%3Dj%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D7523,0,0,0,0%26mtos%3D7523,7523,7523,7523,7523%26amtos%3D0,0,0,0,0%26mcvt%3D7523%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7685%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D53%26pst%3D1%26dur%3D15018%26vmtime%3D7703%26dtos%3D3743%26dtoss%3D3%26dvs%3D3743%26dfvs%3D3743%26dvpt%3D3743%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3743,3743,3743,3743,3743%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7523;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1622386235250;ecn1=1;etm1=0;eid1=18;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5346 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CJ8ZKOaazYJ-mEoqV3wPnz4DQDdOuu_ViipGc7o0OrL-i0OQCEAEgjeS9KWCV-vCBjAegAZux9pMCyAEFqQLa2qfgfHS0PqgDAcgDmwSqBMMBT9Bs3bIgv0Ki9KPkA0UJaAhsEpPM3D9S5Hay55J6PSLR9SEZuKuPkN7g6VIra11zCjkA2V81iBudiQo4TukARxBPUoBu8_aOmua4wz8xRkMbOFGG9q-pqOCMMJR_WeLtFdUShxCVzMg67eg1rIw1kHt73pX6vZgdw5pNUbm_W-GgXjODOlaAwjDpJRyY_RVSpEXmXW8cSctrku8ffflPN_qoMd7VzyE-Kr6Z6UV9avyue48l53xjwGWvl8x-yhuzNSTvwASL6aLFrAPgBAOQBgGgBk6AB83OiewBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBPo6dIL0BMA2BMNiBQC2BQB0BUBgBcB&sigh=wdScCIuVSA8&label=videoplaytime50&ad_mt=7703&acvw=sv%3D897%26cb%3Dj%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26cp%3D1,1,189,335%26tos%3D7523,0,0,0,0%26mtos%3D7523,7523,7523,7523,7523%26amtos%3D0,0,0,0,0%26mcvt%3D7523%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7685%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D53%26pst%3D1%26dur%3D15018%26vmtime%3D7703%26dtos%3D3743%26dtoss%3D3%26dvs%3D3743%26dfvs%3D3743%26dvpt%3D3743%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3743,3743,3743,3743,3743%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D839392675%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7523&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1622386235250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:50:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.fidelity-media.com
URL
https://x.fidelity-media.com/delivery/hb.php?from=hb&v=1.0&requestid=55219bd8ba8525&impid=6f2aefad1a0095&zoneid=53067&floor=0&charset=UTF-8&subid=hb&flashver=&tmax=3000&defloc=https%3A%2F%2Fsharemods.com%2F&referrer=&gdpr=1&consent_str=BPHBH4xPHBH4xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&consent_given=0&
Domain
x.fidelity-media.com
URL
https://x.fidelity-media.com/delivery/hb.php?from=hb&v=1.0&requestid=9ed75d325e8368&impid=10d4853cc100d8a&zoneid=53067&floor=0&charset=UTF-8&defloc=https%3A%2F%2Fsharemods.com%2F&altloc=https%3A%2F%2Fsharemods.com%2F1dwlx2z0gsxd%2FStamford_Bridge.rar.html&subid=hb&flashver=&tmax=3000&
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery19108012370769149681 function| setPagination object| googletag function| cookieinfo object| cbinstance function| openNav function| closeNav object| a0_0x433e function| a0_0x3d7e function| share_facebook function| share_twitter function| share_gplus function| share_vk object| ggeac boolean| google_plmetrics object| google_js_reporting_queue undefined| timeout object| _pop function| delComment function| player_start function| showFullScreen object| _gaq object| __CF$cv$params object| _gat object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| getRoxotGroupId function| getRoxotSectorId function| getRoxotDeep function| getRoxotEvent function| stpdPassback object| stpd function| __tcfapi function| stpdChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO string| nobidVersion object| nobid object| apstag object| aax object| detectZoom object| iframe object| where object| win object| _pao boolean| apstagLOADED function| AdscoreInit string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

9 Cookies

Domain/Path Name / Value
.sharemods.com/ Name: __cf_bm
Value: 93c2e21bac4885bd226f608f31d7a269657d2545-1622386232-1800-AWcESJVvOOxxVc+OqvxQcPROZ1huHNIEjJnA4falX+4grwE0AkKU8meRY41e+6M8IjuwSQyURicTIFDCIq9jWUnMGEENaomIRyEQ76xC7517CQsjAIociWswI7XhcjtWzz1B23YcWUNuUc4Dojcq1JA=
.sharemods.com/ Name: __utmb
Value: 94093407.1.10.1622386232
sharemods.com/ Name: _pubcid
Value: 8ede3e04-56ad-4744-90b6-e4e807ad064f
.sharemods.com/ Name: __utmt
Value: 1
.sharemods.com/ Name: __utmz
Value: 94093407.1622386232.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.sharemods.com/ Name: __utmc
Value: 94093407
.sharemods.com/ Name: __utma
Value: 94093407.2089567392.1622386232.1622386232.1622386232.1
.sharemods.com/ Name: aff
Value: 118691
.sharemods.com/ Name: lang
Value: english

27 Console Messages

Source Level URL
Text
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2582)
Message:
=============================
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2583)
Message:
adunit.code:
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2584)
Message:
adunit.path: sharemods.com_980x250
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2585)
Message:
slot.id: sharemods.com_980x250
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2586)
Message:
slot.path: sharemods.com_980x250
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2587)
Message:
=============================
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2582)
Message:
=============================
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2583)
Message:
adunit.code: div-gpt-ad-1591282395088-0
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2584)
Message:
adunit.path: sharemods.com_336x280_1_new
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2585)
Message:
slot.id: sharemods.com_336x280_1
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2586)
Message:
slot.path: sharemods.com_336x280_1_new
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2587)
Message:
=============================
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2582)
Message:
=============================
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2583)
Message:
adunit.code:
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2584)
Message:
adunit.path: sharemods.com_336x280_2_new
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2585)
Message:
slot.id: sharemods.com_336x280_2
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2586)
Message:
slot.path: sharemods.com_336x280_2_new
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2587)
Message:
=============================
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2582)
Message:
=============================
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2583)
Message:
adunit.code:
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2584)
Message:
adunit.path: sharemods.com_970x250_2
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2585)
Message:
slot.id: sharemods.com_970x250_2
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2586)
Message:
slot.path: sharemods.com_970x250_2
console-api log URL: https://stpd.cloud/assets/hb/sharemods.js(Line 2587)
Message:
=============================
console-api log URL: https://c.adsco.re/(Line 14)
Message:
console-api debug URL: https://c.adsco.re/(Line 15)
Message:
console-api info URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://sharemods.com/1dwlx2z0gsxd/Stamford_Bridge.rar.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

238087bd1d44299f2ec848db57671506.safeframe.googlesyndication.com
4.adsco.re
6.adsco.re
83402027f7b5d893facb166a05f1758f.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adsco.re
adservice.google.com
adservice.google.de
adx.adform.net
af7c1046fdbec46d647d764e227e4fbb.safeframe.googlesyndication.com
aiypwttqfvkp.l4.adsco.re
aiypwttqfvkp.n4.adsco.re
aiypwttqfvkp.s4.adsco.re
amazon-tam-match.dotomi.com
bh.contextweb.com
bid.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
c.adsco.re
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cloud.setupad.com
cm.g.doubleclick.net
cookieinfoscript.com
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
node.setupad.com
pagead2.googlesyndication.com
partner.blau.de
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
portal.blau.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
premiumvertising.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r3---sn-4g5e6nz7.c.2mdn.net
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
scamblefeedman.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
sharemods.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
stpd.cloud
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.premiumvertising.com
www.telefonica-partner.de
x.bidswitch.net
x.fidelity-media.com
4.adsco.re
6.adsco.re
x.fidelity-media.com
104.111.230.142
13.226.158.204
13.226.159.42
142.250.185.130
146.59.148.16
151.101.114.49
159.253.128.188
159.65.196.12
159.89.25.223
162.252.214.11
162.252.214.5
162.55.6.211
172.217.23.98
172.253.120.155
172.67.71.49
178.250.0.163
178.250.0.165
18.156.0.31
185.184.8.65
185.200.116.90
185.200.118.90
185.29.135.234
185.33.221.15
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.110
198.148.27.133
198.148.27.139
2.18.233.180
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
213.155.156.184
216.58.212.162
23.111.200.117
23.111.9.35
2606:4700:10::6816:1857
2606:4700:20::ac43:44a2
2606:4700:20::ac43:4876
2606:4700:3030::6815:2212
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6812:acf
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:65::8
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:4001:831::2010
2a00:1450:400c:c0c::9d
2a00:1450:400d:802::2001
2a00:1450:400e:800::2003
2a02:2638::1c
2a02:2638::3
2a02:6ea0:c700::2
2a02:fa8:8806:13::1400
2a02:fa8:8806:16::1370
35.190.77.178
35.244.174.68
37.157.3.30
38.132.109.186
51.68.161.27
52.49.40.147
52.57.228.122
52.57.230.211
52.95.124.165
54.171.173.220
54.194.211.3
66.155.71.149
69.173.144.139
69.173.144.143
72.21.206.140
76.223.111.131
78.46.85.162
82.113.101.236
84.200.5.215
85.114.159.93
013aabe6a5fe6bff034c59ef1839ca770ebab2baa66c160efef5331229b98969
025e5664fd9bb18297c92464714137cf522a1a8c65884a4aa2ce7b6f9326b88f
02fc34740bf9b22f18f82a1bbe062cbbb5a9eb526d905fcdd46936cdf04c086e
038cc2bf843d0f4ecf44c6c8481c572c1db3e9c0b6e5701022e046feffd50d84
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
03f148e389c9eab875e3b76f13f4fd944b3e6a3c243e59215dfde25b766d86ed
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0913ffc67cfdfb69fb6db7be06be5445f92be9bdf5de322645778f1ab365f097
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
137b7e16607cc0bb3b770b248c263e600e979c12150d221f4687b40f4f08b3e3
1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759
167b2698ac1881db9db3e3d03f397462d249b283f64c29126f4bfa4e195a6c1a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23a79a8e0ab3d37387c0bf3a2a32c307d80c32eb3f67523bf68ece4e3d21ea1b
242c12a17725a15567d8a908913f1634e708e0ae8c4e5a1e40db1e50e2a43253
250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
35e40df86add60d04e52922dfb73b3ba8483cd03f8283d08de7bce55cffc3032
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
385ab5b83c2bce7d98cebd584aa90a32fab9baeba455b22a59f31e96d90d94a0
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
3e74a4ef70abf935fa8800498b5d751663e3511bbee1e3f21d0e445f7883e437
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f8c3efc8251c54075ea44d91b1d5e8e65c8187f09f30ac7912ee0ed0426805b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b1a094c624551abde00caa18c7b539080c5b12e1d3a955d8ae1bd945f03a5c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eead1a11f9e744413f227f47ffbb38f0d8ab89473511741ebb4aedec507fc5c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f4dbf081d8f0bb75855f15d99609ba19c0986c2b1081c7f6e42dc3390ed77a
5211a382edbdc5735bcef4a602013024eacec74802285bfe83e19f6b90a7b921
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
584dd37b8f51799136b585029c8e8058003d79509c60764cd8764b0b5fdc29c8
59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208
5ad42eaecaf4e258a157490247eac68e859deb39a23c96559af59990ac7af694
5b0b0a0b198ad4287d4774179f3d7b2630fb9ad0b90a18e806aa077ae91b6ce8
5b1375d434dd10a9c303a4fadfebdefafc9567e1b2200716300c908b3105c879
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3
617ce35c83a9d492d63e919ed9c390a694727142620fe566a57a582416ca4c58
6299eb7d8d1e9a93b0a0cacbcf1d9b54de3064f0a374dec704f72d9ba0ce9071
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
65c1928faa8d6d02957353b3d37ef93f1807b952d66f209b3ca5a7da823cd487
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68c8b1ff1f38e8c5e7ad80fc75f225610ec3a9a6d3319516785d79336f82d746
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6ac343c12e8bf468701c45f641404e9a266abab6ce0e32a09136364b45a6723b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9373da79f5a50b5e117118787ad51b73c652aec93d44c2d88d862be1e21dae
6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
770b21ee3b0bb5a7e90aeebe5aac8ab837cd7541e800c8da235d1843ddd88ecb
78b166e708ba1fe18605d9c4a91054c9ce4719678ed9a18050f90ba98b6263bc
7b924a645de8d9cd2b7b3e99e81e9c433c5d0346bb7101240542997f67320b0c
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b
7ee24ae73b4e25d49767bf09cdb30223aa18780060dbd42f2e29b1eaa04780f0
7f7dedcb745dc0bab408500233c46798f7f63a2dd2e38e7a471d0e9903461621
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
800a4acaf631f74645288fa6b28f0869b952fb258c3d28240a05abdb7dfcd6e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8370b98acbf163cc3f265a8029660897137689ab631ff68c02ac9e7e67584fd6
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
892c44736d417c860cbcc028d98126d289bae24e867f22c49bbde6c01919feac
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b29e595db5287f5525f34f5613613c4a4fc4225d6b2399c1a88f9967a9384fe
8bd7d6a590b4fc790067d3939b84961c44206ead0f65198086464ff761cbec21
8db1dbfafdfea470f83859294fc78c09ab8b32aa4eae86e2af19311a809c9acf
8ee20b0a59b8ff59e7b7ef0ab572087dcd1acb8ddf3e8d9766b4179366a22c9a
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
93c8456a1b349a3a1ad21e38210fb9766aab9018bef1626349a78125a9451155
9488b35b7d7340f90f78b75061dbbc5383840151214206575ba28b07b3d8235b
965b2368c4e9d3305cf98cedd28573e3f83bf164a40fedd53176c9c343bf52c7
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
967bdd426a54f8632ab07d30fed923bfc3dd170ed506d3e9a20606f7d916aaa3
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
9a493c7b6b2c0149cd999f3d0509d7e3b4880a215a1a8bbcc7a6775aaf2b96c5
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
9f9246a8abfb71eeaf88c77941974ca157bf4b5ff70c35f18eb04d68517d6369
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f
a12af3b3e8782c3af3ee41dd885a9ecd9e012712a12539d65dc61d77fa92419f
a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16173a92ddc1ce22a84de5dcf5c54f666db617ea40690f02ea130bd4941be96
b750c54ffcad2d116460bc649eac2f7cf540fcbdcd82db75f4e23ca43e5126a7
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
bee9febe9329d861bc8140ec71c25016aacf584caaf64cb280ec0ee6463cf80e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c95390f2b8da59860d44f7749eae70b7cc88e041efd3c5046ae36cd7ddb1c2
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc6993ee8e2e0361ba9ba1331dae5f1758a93730bfc24f911a0b78ed4e7864ed
cc7930c46bc124f85f2f4e68bf9ccd0456d77c48759cd3e301b040e3dcdf57fb
cf074ca9f0435fc4665f4b70acd0780abcbb49fbb92b28a9deb0c3c90f17d328
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d040ca5b4ddfc7d518c8845a34dd6ae312bbc6221767fdd76738e3a9e2c88cf5
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463
e291415534966f35e013a6298b0c28481c5902bc14b41c59ebbd63cece750804
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f2eaed1b4272059b3dad6b2ea036eab5c5da99645977128266fb43c4d255a7
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e717996f5607537ed723a320f33924f674aa6aa1bd768bd0ca0475f964c23757
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
ee627640d99d0061c431a7eb0cf6523c6fda4148a5aeaab5c14400c1b74d8723
ef043ad0f584be24e633c8330573ec63cef28af43f60dd382e489b14bdc17db9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbf441214cccb886930074b00c48304c976334158616d967e7f6d903ffd141f
f17a6c7a61593005b4d3f273d3728c956bf8f711bc5acc4205c8350ccb19d102