urlscan.io logo urlscan.io
SecurityTrails logo

qw.jinghuashuiyao.xyz Open in urlscan Pro
104.21.8.235  Public Scan

Go To Rescan Add Verdict Report
URL: https://qw.jinghuashuiyao.xyz/
Submission: On November 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 7 countries across 101 domains to perform 337 HTTP transactions. The main IP is 104.21.8.235, located in and belongs to CLOUDFLARENET, US. The main domain is qw.jinghuashuiyao.xyz.
TLS certificate: Issued by GTS CA 1P5 on October 7th 2023. Valid for: 3 months.
This is the only time qw.jinghuashuiyao.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
54 104.21.8.235 13335 (CLOUDFLAR...)
5 142.251.40.226 15169 (GOOGLE)
2 3 23.4.226.82 16625 (AKAMAI-AS)
2 104.18.43.90 13335 (CLOUDFLAR...)
1 13.224.68.54 16509 (AMAZON-02)
2 6 3.133.242.36 16509 (AMAZON-02)
7 52.22.89.222 14618 (AMAZON-AES)
1 172.67.27.232 13335 (CLOUDFLAR...)
2 104.67.4.192 16625 (AKAMAI-AS)
1 3 23.23.163.185 14618 (AMAZON-AES)
2 2 52.2.255.128 14618 (AMAZON-AES)
1 52.206.230.220 14618 (AMAZON-AES)
6 69.173.151.96 26667 (RUBICONPR...)
2 8 198.148.27.131 19189 (PULSEPOINT)
1 52.6.167.249 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
1 80.77.87.89 46636 (NATCOWEB)
5 5 68.67.160.117 29990 (ASN-APPNEX)
1 34.102.246.198 396982 (GOOGLE-CL...)
2 10 172.64.151.101 13335 (CLOUDFLAR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
5 44.210.169.166 14618 (AMAZON-AES)
1 147.135.119.114 16276 (OVH)
5 9 68.67.160.26 29990 (ASN-APPNEX)
1 52.71.198.74 14618 (AMAZON-AES)
2 54.84.92.154 14618 (AMAZON-AES)
15 21 69.173.151.100 26667 (RUBICONPR...)
6 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 18.215.44.14 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
2 44.195.14.13 14618 (AMAZON-AES)
2 184.73.159.2 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.222.139.117 16509 (AMAZON-02)
1 34.111.60.239 396982 (GOOGLE-CL...)
2 54.85.123.12 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
15 35.172.99.217 14618 (AMAZON-AES)
11 12 35.211.178.172 15169 (GOOGLE)
2 2 52.5.102.125 14618 (AMAZON-AES)
2 8 34.98.64.218 396982 (GOOGLE-CL...)
2 2 52.71.54.14 14618 (AMAZON-AES)
3 8 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 52.73.162.54 14618 (AMAZON-AES)
1 2 38.91.45.7 398989 (DEEPINTENT)
2 2 64.74.236.31 19024 (INTERNAP-...)
1 1 216.22.16.53 30633 (LEASEWEB-...)
4 4 185.167.164.43 198622 (ADFORM)
15 25 142.250.65.194 15169 (GOOGLE)
2 23.199.48.228 16625 (AKAMAI-AS)
7 7 35.71.131.137 16509 (AMAZON-02)
1 1 211.120.53.206 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
6 23.206.253.109 16625 (AKAMAI-AS)
2 8.28.7.81 62713 (AS-PUBMATIC)
2 35.208.249.213 19527 (GOOGLE-2)
1 13.227.219.17 16509 (AMAZON-02)
2 7 209.54.182.161 16509 (AMAZON-02)
9 9 54.152.100.178 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 4 23.105.12.136 30633 (LEASEWEB-...)
8 8.28.7.83 62713 (AS-PUBMATIC)
1 8 162.248.18.37 62713 (AS-PUBMATIC)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
3 12 35.71.139.29 16509 (AMAZON-02)
1 1 34.133.71.175 396982 (GOOGLE-CL...)
4 5 3.225.218.10 14618 (AMAZON-AES)
2 8.28.7.84 62713 (AS-PUBMATIC)
6 6 2606:ae80:145... 25751 (VALUECLICK)
1 52.222.139.24 16509 (AMAZON-02)
3 4 2620:112:f002... 6336 (TURN-US-ASN)
2 74.119.119.150 19750 (AS-CRITEO)
3 3 199.38.167.130 54312 (ROCKETFUEL)
1 1 82.145.213.8 39832 (NO-OPERA)
1 3 23.37.113.154 16625 (AKAMAI-AS)
2 3 151.101.2.49 54113 (FASTLY)
1 2600:1f14:b4f... 16509 (AMAZON-02)
1 44.220.12.129 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 67.220.226.232 16509 (AMAZON-02)
3 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
2 147.75.195.55 54825 (PACKET)
1 23.44.201.234 20940 (AKAMAI-ASN1)
1 1 2600:9000:20a... 16509 (AMAZON-02)
1 1 2600:9000:20b... 16509 (AMAZON-02)
1 18.239.69.99 ()
1 2 23.92.190.68 10913 (INTERNAP-BLK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 23.206.252.26 ()
4 5 34.225.59.34 ()
5 10 8.2.110.13 ()
1 2606:4700:440... ()
2 2 35.214.250.169 ()
2 4 18.239.83.91 ()
3 3 173.231.178.77 ()
2 2 2620:116:800b... ()
1 1 192.96.203.13 ()
2 54.80.222.112 ()
1 52.7.125.92 ()
1 52.87.59.166 ()
2 2 207.198.113.203 ()
1 2 38.68.201.140 ()
1 1 35.211.118.13 ()
2 34.196.44.50 ()
3 3 2600:9000:220... ()
2 2a04:4e42:200... ()
1 2600:1f18:612... ()
1 34.198.202.75 ()
1 3.86.121.216 ()
1 172.240.155.68 ()
1 34.235.210.13 ()
2 23.199.48.23 ()
1 96.46.186.182 ()
1 1 52.222.139.15 ()
2 3 8.2.108.194 ()
2 107.151.11.58 ()
1 1 63.251.86.51 ()
2 2 8.2.110.33 ()
4 204.62.14.190 ()
2 2 35.190.60.146 ()
1 1 107.178.254.65 ()
1 172.98.26.246 ()
1 1 216.219.92.22 ()
11 104.18.36.155 ()
1 1 35.186.193.173 ()
2 2 2606:4700::68... ()
1 172.64.149.180 ()
1 1 67.202.105.22 ()
1 2 67.202.105.34 ()
1 1 35.227.252.103 ()
1 2606:4700::68... ()
1 1 34.96.71.22 ()
1 1 34.160.19.107 ()
337 103
54    104.21.8.235 (None, )

ASN13335 (CLOUDFLARENET, US)
qw.jinghuashuiyao.xyz
5    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
securepubads.g.doubleclick.net
3    23.4.226.82 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-226-82.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
2    104.18.43.90 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    13.224.68.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-68-54.dub2.r.cloudfront.net
servedbydoceree.doceree.com
6    3.133.242.36 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-242-36.us-east-2.compute.amazonaws.com
bidder.doceree.com
7    52.22.89.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-89-222.compute-1.amazonaws.com
www.medtargetsystem.com
1    172.67.27.232 (United States)

ASN13335 (CLOUDFLARENET, US)
gumlet.assettype.com
2    104.67.4.192 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-67-4-192.deploy.static.akamaitechnologies.com
www.drugs.com
3    23.23.163.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-163-185.compute-1.amazonaws.com
thrtle.com
2    52.2.255.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-255-128.compute-1.amazonaws.com
i.liadm.com
1    52.206.230.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-230-220.compute-1.amazonaws.com
i6.liadm.com
6    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
8    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
bh.contextweb.com
1    52.6.167.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-167-249.compute-1.amazonaws.com
tlx.3lift.com
1    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    80.77.87.89 (Clifton, United States)

ASN46636 (NATCOWEB, US)
PTR: transtyle.com
delta.adprime.com
5    68.67.160.117 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    34.102.246.198 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 198.246.102.34.bc.googleusercontent.com
trc.lhmos.com
10    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
dsum-sec.casalemedia.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    44.210.169.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-169-166.compute-1.amazonaws.com
pbs.nextmillmedia.com
1    147.135.119.114 (United States)

ASN16276 (OVH, FR)
PTR: ip114.ip-147-135-119.us
prg.smartadserver.com
9    68.67.160.26 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    52.71.198.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-198-74.compute-1.amazonaws.com
hb.minutemedia-prebid.com
2    54.84.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-92-154.compute-1.amazonaws.com
report2.hb.brainlyads.com
21    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)
0f0772501ba38c43d1ce8092e0d1d020.safeframe.googlesyndication.com
tpc.googlesyndication.com
8    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    18.215.44.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-44-14.compute-1.amazonaws.com
protected-by.clarium.io
3    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    44.195.14.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-14-13.compute-1.amazonaws.com
prebid-a.rubiconproject.com
2    184.73.159.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-159-2.compute-1.amazonaws.com
rtb.gumgum.com
1    2606:4700:3037::6815:8eb (United States)

ASN13335 (CLOUDFLARENET, US)
qw.jinghuashuiyao.xyz
1    52.222.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-117.ams50.r.cloudfront.net
cdn.mediago.io
1    34.111.60.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.60.111.34.bc.googleusercontent.com
images.mediago.io
2    54.85.123.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-123-12.compute-1.amazonaws.com
q.adrta.com
3    2607:f8b0:4006:807::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
15    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
12    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    52.5.102.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-102-125.compute-1.amazonaws.com
t.pswec.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    52.71.54.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-54-14.compute-1.amazonaws.com
sync.srv.stackadapt.com
8    2600:1f18:4e9:5a07:1404:5fed:fb6f:9150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    52.73.162.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-162-54.compute-1.amazonaws.com
sync.ipredictive.com
2    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    64.74.236.31 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    216.22.16.53 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
4    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
25    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
2    23.199.48.228 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-48-228.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    211.120.53.206 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    23.206.253.109 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-253-109.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    13.227.219.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-17.ams54.r.cloudfront.net
check.analytics.rlcdn.com
7    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    54.152.100.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-100-178.compute-1.amazonaws.com
match.prod.bidr.io
1    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
8    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
8    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
12    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
5    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
6    2606:ae80:1451:24::730 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
casale-match.dotomi.com
1    52.222.139.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-24.ams50.r.cloudfront.net
pix.adrta.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    23.37.113.154 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-113-154.deploy.static.akamaitechnologies.com
sync.teads.tv
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2600:1f14:b4f:4b03:4a0d:9a74:130d:b53d (Boardman, United States)

ASN16509 (AMAZON-02, US)
ipv6.adrta.com
1    44.220.12.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-220-12-129.compute-1.amazonaws.com
adrta.com
1    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    147.75.195.55 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.44.201.234 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-234.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:20a0:8c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:20b4:4000:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.239.69.99 (None, )

ASN- ()
sync1.intentiq.com
2    23.92.190.68 (Houston, United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
2    2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    23.206.252.26 (None, )

ASN- ()
contextual.media.net
5    34.225.59.34 (None, )

ASN- ()
cookies.nextmillmedia.com
10    8.2.110.13 (None, )

ASN- ()
sync.adprime.com
1    2606:4700:4400::ac40:95b4 (None, )

ASN- ()
js-sec.indexww.com
2    35.214.250.169 (None, )

ASN- ()
csync.loopme.me
4    18.239.83.91 (None, )

ASN- ()
sb.scorecardresearch.com
3    173.231.178.77 (None, )

ASN- ()
cm.adgrx.com
2    2620:116:800b:21:4cb8:1820:80ca:50f7 (None, )

ASN- ()
cms.quantserve.com
1    192.96.203.13 (None, )

ASN- ()
sync.aralego.com
2    54.80.222.112 (None, )

ASN- ()
crb.kargo.com
1    52.7.125.92 (None, )

ASN- ()
sync.bfmio.com
1    52.87.59.166 (None, )

ASN- ()
rtb.adentifi.com
2    207.198.113.203 (None, )

ASN- ()
pixel-sync.sitescout.com
2    38.68.201.140 (None, )

ASN- ()
pmp.mxptint.net
1    35.211.118.13 (None, )

ASN- ()
r.bidswitch.net
2    34.196.44.50 (None, )

ASN- ()
match.sharethrough.com
3    2600:9000:2209:ee00:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
2    2a04:4e42:200::300 (None, )

ASN- ()
trc.taboola.com
1    2600:1f18:612b:4264:5fe1:169a:9e33:a694 (None, )

ASN- ()
partners.tremorhub.com
1    34.198.202.75 (None, )

ASN- ()
ads.yieldmo.com
1    3.86.121.216 (None, )

ASN- ()
sync.springserve.com
1    172.240.155.68 (None, )

ASN- ()
sync.colossusssp.com
1    34.235.210.13 (None, )

ASN- ()
e1.emxdgt.com
2    23.199.48.23 (None, )

ASN- ()
hbx.media.net
cs.media.net
1    96.46.186.182 (None, )

ASN- ()
sync.aniview.com
1    52.222.139.15 (None, )

ASN- ()
cm.smadex.com
3    8.2.108.194 (None, )

ASN- ()
us.ck-ie.com
2    107.151.11.58 (None, )

ASN- ()
s.adtelligent.com
1    63.251.86.51 (None, )

ASN- ()
ap.lijit.com
2    8.2.110.33 (None, )

ASN- ()
us.shb-sync.com
4    204.62.14.190 (None, )

ASN- ()
sync-service.net
2    35.190.60.146 (None, )

ASN- ()
idsync.rlcdn.com
1    107.178.254.65 (None, )

ASN- ()
pippio.com
1    172.98.26.246 (None, )

ASN- ()
sync.e-planning.net
1    216.219.92.22 (None, )

ASN- ()
inv-nets.admixer.net
11    104.18.36.155 (None, )

ASN- ()
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    35.186.193.173 (None, )

ASN- ()
cm.ctnsnet.com
2    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    172.64.149.180 (None, )

ASN- ()
cdn.indexww.com
1    67.202.105.22 (None, )

ASN- ()
ssc-cms.33across.com
2    67.202.105.34 (None, )

ASN- ()
de.tynt.com
hde.tynt.com
1    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
1    2606:4700::6813:9e13 (None, )

ASN- ()
assets.a-mo.net
1    34.96.71.22 (None, )

ASN- ()
s.company-target.com
1    34.160.19.107 (None, )

ASN- ()
dmp.brand-display.com
Apex Domain
Subdomains		 Transfer
55 jinghuashuiyao.xyz
qw.jinghuashuiyao.xyz
143 KB
39 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2300
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3172
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com Failed
203 KB
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
216 KB
22 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image2.pubmatic.com — Cisco Umbrella Rank: 924
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
31 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com
dsum.casalemedia.com
dsum-sec.casalemedia.com
13 KB
17 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
usersync.gumgum.com — Cisco Umbrella Rank: 2098
5 KB
14 googlesyndication.com
0f0772501ba38c43d1ce8092e0d1d020.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
249 KB
14 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 246
12 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
6 KB
13 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
r.bidswitch.net
6 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
6 KB
11 adprime.com
delta.adprime.com — Cisco Umbrella Rank: 50548
sync.adprime.com
9 KB
10 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 3246
cookies.nextmillmedia.com
5 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
5 KB
9 openx.net
us-u.openx.net — Cisco Umbrella Rank: 522
u.openx.net — Cisco Umbrella Rank: 659
rtb.openx.net
2 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
6 KB
8 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 3177
bh.contextweb.com — Cisco Umbrella Rank: 547
10 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
7 medtargetsystem.com
www.medtargetsystem.com — Cisco Umbrella Rank: 9027
106 KB
7 doceree.com
servedbydoceree.doceree.com — Cisco Umbrella Rank: 41590
bidder.doceree.com — Cisco Umbrella Rank: 8120
18 KB
6 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
pulsepoint-match.dotomi.com
casale-match.dotomi.com
33across-match.dotomi.com Failed
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
6 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync-global.smartadserver.com Failed
4 KB
5 adrta.com
q.adrta.com — Cisco Umbrella Rank: 3256
pix.adrta.com — Cisco Umbrella Rank: 3912
ipv6.adrta.com — Cisco Umbrella Rank: 3465
adrta.com — Cisco Umbrella Rank: 2248
14 KB
4 sync-service.net
sync-service.net
767 B
4 scorecardresearch.com
sb.scorecardresearch.com
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
r.turn.com — Cisco Umbrella Rank: 4121
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
3 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 157
1 KB
4 mediago.io
cdn.mediago.io — Cisco Umbrella Rank: 6166
images.mediago.io — Cisco Umbrella Rank: 2377
trace.mediago.io — Cisco Umbrella Rank: 904
102 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net
hbx.media.net
cs.media.net
12 KB
3 ck-ie.com
us.ck-ie.com
1 KB
3 smaato.net
s.ad.smaato.net
2 KB
3 adgrx.com
cm.adgrx.com
2 KB
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com
2 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
assets.a-mo.net
7 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
1021 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
876 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
769 B
3 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2969
p.rfihub.com
3 KB
3 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4188
api.rlcdn.com Failed
idsync.rlcdn.com
1 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
1 KB
3 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
959 B
2 tynt.com
de.tynt.com
hde.tynt.com
3 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1011 B
2 shb-sync.com
us.shb-sync.com
2 KB
2 adtelligent.com
s.adtelligent.com
2 taboola.com
trc.taboola.com
525 B
2 sharethrough.com
match.sharethrough.com
557 B
2 mxptint.net
pmp.mxptint.net
967 B
2 sitescout.com
pixel-sync.sitescout.com
938 B
2 kargo.com
crb.kargo.com
717 B
2 quantserve.com
cms.quantserve.com
1004 B
2 loopme.me
csync.loopme.me
522 B
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
162 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
523 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
725 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
701 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
728 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
1019 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 4178
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
127 KB
2 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 4730
1 KB
2 drugs.com
www.drugs.com — Cisco Umbrella Rank: 46435
165 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481
115 KB
1 brand-display.com
dmp.brand-display.com
351 B
1 company-target.com
s.company-target.com
423 B
1 33across.com
ssc-cms.33across.com
664 B
1 ctnsnet.com
cm.ctnsnet.com
443 B
1 admixer.net
inv-nets.admixer.net
520 B
1 e-planning.net
sync.e-planning.net
104 B
1 pippio.com
pippio.com
634 B
1 smadex.com
cm.smadex.com
616 B
1 aniview.com
sync.aniview.com
247 B
1 emxdgt.com
e1.emxdgt.com
120 B
1 colossusssp.com
sync.colossusssp.com
175 B
1 springserve.com
sync.springserve.com
206 B
1 yieldmo.com
ads.yieldmo.com
596 B
1 tremorhub.com
partners.tremorhub.com
175 B
1 adentifi.com
rtb.adentifi.com
287 B
1 bfmio.com
sync.bfmio.com
425 B
1 aralego.com
sync.aralego.com
473 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
555 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
646 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
674 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
658 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
4 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
837 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1459
244 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3706
435 B
1 lhmos.com
trc.lhmos.com — Cisco Umbrella Rank: 10283
821 B
1 assettype.com
gumlet.assettype.com — Cisco Umbrella Rank: 74966
11 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 atemda.com Failed
atemda.com Failed
0 tappx.com Failed
ssp.api.tappx.com Failed
337 101
Domain Requested by
55 qw.jinghuashuiyao.xyz qw.jinghuashuiyao.xyz
25 cm.g.doubleclick.net 15 redirects rtb.gumgum.com
googleads.g.doubleclick.net
u.openx.net
qw.jinghuashuiyao.xyz
eb2.3lift.com
15 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
qw.jinghuashuiyao.xyz
13 pixel.rubiconproject.com 9 redirects qw.jinghuashuiyao.xyz
12 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
12 eb2.3lift.com 3 redirects ads.pubmatic.com
ads.rubiconproject.com
bh.contextweb.com
eb2.3lift.com
hde.tynt.com
12 x.bidswitch.net 11 redirects sync.adprime.com
hde.tynt.com
10 sync.adprime.com 5 redirects ads.rubiconproject.com
sync.adprime.com
9 match.prod.bidr.io 9 redirects
9 ib.adnxs.com 5 redirects ads.rubiconproject.com
qw.jinghuashuiyao.xyz
bh.contextweb.com
eb2.3lift.com
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 simage2.pubmatic.com 1 redirects ads.pubmatic.com
qw.jinghuashuiyao.xyz
bh.contextweb.com
8 image2.pubmatic.com ads.pubmatic.com
qw.jinghuashuiyao.xyz
8 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
u.openx.net
ssum-sec.casalemedia.com
8 pagead2.googlesyndication.com qw.jinghuashuiyao.xyz
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
u.openx.net
qw.jinghuashuiyao.xyz
bh.contextweb.com
7 match.adsrvr.org 7 redirects
7 bh.contextweb.com 2 redirects ads.rubiconproject.com
bh.contextweb.com
7 us-u.openx.net 2 redirects u.openx.net
qw.jinghuashuiyao.xyz
bh.contextweb.com
7 www.medtargetsystem.com servedbydoceree.doceree.com
www.medtargetsystem.com
qw.jinghuashuiyao.xyz
6 pixel.tapad.com 4 redirects ads.pubmatic.com
qw.jinghuashuiyao.xyz
6 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
ads.rubiconproject.com
cookies.nextmillmedia.com
6 prebid-server.rubiconproject.com ads.rubiconproject.com
qw.jinghuashuiyao.xyz
rtb.gumgum.com
u.openx.net
6 bidder.doceree.com 2 redirects servedbydoceree.doceree.com
ads.rubiconproject.com
6 securepubads.g.doubleclick.net qw.jinghuashuiyao.xyz
securepubads.g.doubleclick.net
www.googletagservices.com
5 cookies.nextmillmedia.com 4 redirects ads.rubiconproject.com
5 ups.analytics.yahoo.com 4 redirects bh.contextweb.com
hde.tynt.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
qw.jinghuashuiyao.xyz
5 pbs.nextmillmedia.com ads.rubiconproject.com
cookies.nextmillmedia.com
ssum-sec.casalemedia.com
5 secure.adnxs.com 5 redirects
4 sync-service.net sync.adprime.com
4 sb.scorecardresearch.com 2 redirects qw.jinghuashuiyao.xyz
4 ssum-sec.casalemedia.com 1 redirects qw.jinghuashuiyao.xyz
js-sec.indexww.com
cookies.nextmillmedia.com
4 rtb-csync.smartadserver.com 1 redirects qw.jinghuashuiyao.xyz
sync.adprime.com
4 c1.adform.net 4 redirects cookies.nextmillmedia.com
3 us.ck-ie.com 2 redirects sync.adprime.com
3 dsum.casalemedia.com bh.contextweb.com
ssum-sec.casalemedia.com
3 s.ad.smaato.net 3 redirects
3 cm.adgrx.com 3 redirects
3 px.ads.linkedin.com qw.jinghuashuiyao.xyz
eb2.3lift.com
sync.adprime.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 sync.teads.tv 1 redirects googleads.g.doubleclick.net
bh.contextweb.com
3 ad.turn.com 3 redirects
3 www.google.com googleads.g.doubleclick.net
qw.jinghuashuiyao.xyz
3 googleads.g.doubleclick.net qw.jinghuashuiyao.xyz
googleads.g.doubleclick.net
3 thrtle.com 1 redirects qw.jinghuashuiyao.xyz
2 casale-match.dotomi.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 us.shb-sync.com 2 redirects
2 s.adtelligent.com sync.adprime.com
2 trc.taboola.com bh.contextweb.com
2 match.sharethrough.com bh.contextweb.com
sync.adprime.com
2 pulsepoint-match.dotomi.com 2 redirects
2 pmp.mxptint.net 1 redirects qw.jinghuashuiyao.xyz
2 pixel-sync.sitescout.com 2 redirects
2 crb.kargo.com qw.jinghuashuiyao.xyz
bh.contextweb.com
2 p.rfihub.com 2 redirects
2 cms.quantserve.com 2 redirects
2 csync.loopme.me 2 redirects
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com qw.jinghuashuiyao.xyz
www.googletagmanager.com
2 ce.lijit.com 1 redirects qw.jinghuashuiyao.xyz
2 prebid.a-mo.net qw.jinghuashuiyao.xyz
cookies.nextmillmedia.com
2 capi.connatix.com 1 redirects qw.jinghuashuiyao.xyz
2 dis.criteo.com googleads.g.doubleclick.net
eb2.3lift.com
2 pubmatic-match.dotomi.com 2 redirects
2 trace.mediago.io googleads.g.doubleclick.net
2 image6.pubmatic.com ads.pubmatic.com
2 secure-assets.rubiconproject.com 2 redirects hde.tynt.com
2 creativecdn.com 2 redirects
2 ads.pubmatic.com rtb.gumgum.com
ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 t.pswec.com 2 redirects
2 q.adrta.com googleads.g.doubleclick.net
q.adrta.com
2 rtb.gumgum.com ads.rubiconproject.com
rtb.gumgum.com
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 www.googletagservices.com qw.jinghuashuiyao.xyz
googleads.g.doubleclick.net
2 report2.hb.brainlyads.com qw.jinghuashuiyao.xyz
2 htlb.casalemedia.com ads.rubiconproject.com
2 i.liadm.com 2 redirects bh.contextweb.com
2 www.drugs.com qw.jinghuashuiyao.xyz
2 cdn.confiant-integrations.net qw.jinghuashuiyao.xyz
cdn.confiant-integrations.net
1 dmp.brand-display.com 1 redirects
1 s.company-target.com 1 redirects
1 assets.a-mo.net prebid.a-mo.net
1 rtb.openx.net 1 redirects
1 hde.tynt.com cookies.nextmillmedia.com
1 de.tynt.com 1 redirects
1 ssc-cms.33across.com 1 redirects hde.tynt.com
1 cs.media.net contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 sync.e-planning.net sync.adprime.com
1 pippio.com 1 redirects
1 ap.lijit.com 1 redirects
1 cm.smadex.com 1 redirects
1 sync.aniview.com bh.contextweb.com
1 hbx.media.net bh.contextweb.com
1 e1.emxdgt.com bh.contextweb.com
1 sync.colossusssp.com bh.contextweb.com
1 sync.springserve.com bh.contextweb.com
1 ads.yieldmo.com bh.contextweb.com
1 partners.tremorhub.com bh.contextweb.com
1 r.bidswitch.net 1 redirects
1 rtb.adentifi.com qw.jinghuashuiyao.xyz
1 sync.bfmio.com qw.jinghuashuiyao.xyz
1 sync.aralego.com 1 redirects
1 js-sec.indexww.com ads.rubiconproject.com
1 contextual.media.net ads.rubiconproject.com
1 simage4.pubmatic.com ads.pubmatic.com
1 analytics.google.com www.googletagmanager.com
1 sync1.intentiq.com qw.jinghuashuiyao.xyz
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 hb.yahoo.net qw.jinghuashuiyao.xyz
1 aax-eu.amazon-adsystem.com qw.jinghuashuiyao.xyz
1 adrta.com pix.adrta.com
1 ipv6.adrta.com pix.adrta.com
1 u.openx.net ads.rubiconproject.com
1 t.adx.opera.com 1 redirects
1 a.rfihub.com 1 redirects
1 r.turn.com googleads.g.doubleclick.net
1 pix.adrta.com q.adrta.com
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 check.analytics.rlcdn.com ads.rubiconproject.com
1 tg.socdm.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 images.mediago.io googleads.g.doubleclick.net
1 cdn.mediago.io googleads.g.doubleclick.net
1 protected-by.clarium.io qw.jinghuashuiyao.xyz
1 0f0772501ba38c43d1ce8092e0d1d020.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 hb.minutemedia-prebid.com ads.rubiconproject.com
1 prg.smartadserver.com ads.rubiconproject.com
1 prebid.media.net ads.rubiconproject.com
1 trc.lhmos.com qw.jinghuashuiyao.xyz
1 delta.adprime.com ads.rubiconproject.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 tlx.3lift.com ads.rubiconproject.com
1 bid.contextweb.com ads.rubiconproject.com
1 i6.liadm.com qw.jinghuashuiyao.xyz
1 gumlet.assettype.com qw.jinghuashuiyao.xyz
1 servedbydoceree.doceree.com ads.rubiconproject.com
1 ads.rubiconproject.com qw.jinghuashuiyao.xyz
0 33across-match.dotomi.com Failed hde.tynt.com
0 pixel-us-east.rubiconproject.com Failed cookies.nextmillmedia.com
0 ssbsync-global.smartadserver.com Failed bh.contextweb.com
0 cs.chocolateplatform.com Failed bh.contextweb.com
0 atemda.com Failed bh.contextweb.com
0 api.rlcdn.com Failed ads.rubiconproject.com
0 ssp.api.tappx.com Failed ads.rubiconproject.com
337 160
Subject Issuer Validity Valid
jinghuashuiyao.xyz
GTS CA 1P5		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh
*.doceree.com
Amazon RSA 2048 M03		 2023-08-20 -
2024-09-16		 a year crt.sh
medtargetsystem.com
Amazon RSA 2048 M03		 2023-09-22 -
2024-10-21		 a year crt.sh
assettype.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh
*.drugs.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-06-19 -
2024-07-19		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
n34.adprime.com
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M02		 2023-04-09 -
2024-05-07		 a year crt.sh
report2.hb.brainlyads.com
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
va-ad-exch-dev-eks.dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M03		 2023-08-14 -
2024-09-11		 a year crt.sh
*.mediago.io
Amazon RSA 2048 M03		 2023-08-07 -
2024-09-04		 a year crt.sh
*.adrta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-07 -
2024-07-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
delta.adprime.com
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2023-03-22 -
2024-04-22		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-12		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-08-02 -
2024-08-30		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
sync-service.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-24 -
2023-12-23		 3 months crt.sh
*.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-10 -
2024-03-09		 a year crt.sh

This page contains 48 frames:

Primary Page: https://qw.jinghuashuiyao.xyz/
Frame ID: C13F3CE7989961548AC07A7F0703F4C3
Requests: 107 HTTP requests in this frame

Frame: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
Frame ID: 17DF0A45707FD99550FD92A69B3382C2
Requests: 5 HTTP requests in this frame

Frame: https://0f0772501ba38c43d1ce8092e0d1d020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D0F5A3F8BA959889C7038D9BB2FCB7C7
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: 25CE00C9B7B54699AE5685C3F7583F10
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6HIf8m9ltkN77WpqBo7VVa8syLEveqwkAuCGP0sQTJDYCEkHmvf-Tju0BDH59ckzE0rEWybEfSDG4mC0sSN4KMqllq6qIS3hLIykIe9FGCVWgBd_m-TNUnEK3e_Niic0LEYRwPoyL8VZ6bFhzyPssWR5KGrtETn4Oiy5HqtI-rNy9LQBjq_b8QMOTf5CAfVFxSw-qpefseRL5gQ7YKc2kOMck_5DERi1CMgeoAajIrNw3hKeNSkjhTXG3hWpyVfbQ_2Eg2K1TbUOW8QOTMyfOsJEgZDc_yezIa1ArmaoIuzQMY_L7xkijss78L7bIYo0V_9BGGKC886RGxfv8_h2_9VJoTo4&sai=AMfl-YRvi3dbiXhmmlBIrGiOHnX6qaoFDO4qsadNI0m2vDpP58mDVvjntjPGsp4j000XDkXqPpcVWd3zLUpkPfhGXb5gZSLNE9RWctbkWEoMmvNy4jZvrE_9FNIDpUiX_LnFn6L00GFLvmID76UlnyBqMRU&sig=Cg0ArKJSzBLvcaADweYBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 494E48892BEF9DED087F5F9D6BD3CE7F
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: 399FA4EC983A754FDDC60889A52CAF53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Frame ID: 7DAAE41D2966E0351CE71F45AA5EEA08
Requests: 16 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 389AFAD1D012E6CCBD11F6A92A47CC3D
Requests: 12 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=3604944725766803850&gdpr=&gdpr_consent=
Frame ID: 9F69949DFF8D3C2C05D8C6E6E5E2B5DC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9lNzk0ZjRhMy1hNTVhLTQ3NDctOTAwNi05NGFmZjg1MTk4MGU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 277E8AB845720D2B5E91304E3E2BC5D4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 1F5A5E7273C265AD519B8C3E3191BABC
Requests: 23 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=59101c9a-21ec-4bd8-91fa-67f15008d9f8
Frame ID: 6B840FFDD05975B62DABA88ED006C0C8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVBJKsCo5ukAAMZ9xLkAAAAA
Frame ID: EA06C2F72C8AA1C932B9E5F086BE0576
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=8iQJo75xKHHZcSBtPQec&pi=gumgum&tc=1
Frame ID: 6F22F3DF20755631572DF3DE26F8D924
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 7BFFA4399B580DBCC1033FDB313AB4F2
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9089C4222B90AABE0EE7B235360C6052
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 1A0AF204356B122D3EA262D6274CEA5A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYaU7KoJIAABY6SAH-Ew&gdpr=0&gdpr_consent=
Frame ID: EEA94E4C5AE977947F15F53DDEAA57F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7951105042517337080&gdpr=0&gdpr_consent=
Frame ID: F7DEAFEA37EFCBF202EDAD7BA15EDC7C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=D73D9093-D4FA-4908-93A7-01F9CAFE2D97
Frame ID: AEABBC947465350B8ADF3A7B5CAADFFA
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: A187A3DF5F9F409AEF157C11636384D7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EABF4CF8A32BFC38A3E92631F2D470BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DB55EC97B18509064C7160C2AF243AC
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCS6QV3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 48C1F6EF11D6F66682381EC81182CF47
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0ED3B014E163D4F0C9FCB0DB8F04B414
Requests: 2 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?type=iframe
Frame ID: A3D0F61E0013ED30066714113D7AFEB1
Requests: 1 HTTP requests in this frame

Frame: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Frame ID: 6ECC24972F149A9B61CA7C4C3C3935D4
Requests: 18 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 6D5EF7D0E8218F104E7EC1A7ABF8DA75
Requests: 29 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A10C391907248FA0B715C466BC310646
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 55F6BBE0B55B5458062714767EC23703
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 42EA1BC40D1BFDFBA260A72AF4688F04
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ba044e0be2b54ac69ed7a
Frame ID: 74BE00A06B191FF66B7E6AD333DD9DCF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=397e85c6-810d-11ee-b26a-b7870c09b7e7
Frame ID: BFFD6AB72F16AD309D1B446D60CF9F6C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59G7XeXdvAn80rpZ4t2jVeWC6Av8hrlb4ILf3D6Z
Frame ID: E52AAD1E4A82A79DB4D93DF2161122D3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 3DF937D1A1EAB4FD2B816936C5C4AF81
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=527678018558166081
Frame ID: 20B5A006AF5EB1588497BE3E9455B84A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=D73D9093-D4FA-4908-93A7-01F9CAFE2D97
Frame ID: 13CBA5F0425040174757AED0D23240EE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 26AA177C414A0014CC2231638A630A1D
Requests: 10 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7951105042517337080
Frame ID: DE06FA90DB6E64FF03A48BF97CE3E14D
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Frame ID: 2A64041AC909CA0CC6A7A591A856F325
Requests: 6 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e
Frame ID: 44A881AF07D6FEBA5B1B89471BC1CF57
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Frame ID: 97671B4689393BE2CD0F174A107931AE
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: 2DDB806EBB8B57B6A68875DF874722C4
Requests: 4 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Frame ID: B00FF8219F057C6BE543A5DF605E6B2E
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Frame ID: 4A0E3EA4B5D0FA38E42D2B8BB7F2F4E7
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=fd814904-6659-49a4-b9d4-43a8f8490919
Frame ID: A37F40C16B092706CEFD390269663FED
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: EF577479C3049E339C82D3DF98407CAD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?us_privacy=&ts=1699760429819.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D
Frame ID: 028186C1856622D4779F367AFDB6AB77
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Drugs.com - Prescription Drug Information

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

337
Requests

67 %
HTTPS

19 %
IPv6

101
Domains

160
Subdomains

103
IPs

7
Countries

1771 kB
Transfer

4457 kB
Size

154
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://bidder.doceree.com/v1/init?id=a1ec879a-0388-478b-9237-9d058d8abc70 HTTP 302
  • https://thrtle.com/insync?vxii_pid=10069&vxii_pdid=a1ec879a-0388-478b-9237-9d058d8abc70 HTTP 302
  • https://thrtle.com/insync?vxii_pdid=a1ec879a-0388-478b-9237-9d058d8abc70&vxii_pid=12&vxii_pid1=10069&vxii_rcid=8789e084-ccab-4c8b-b79b-ce4cb0003739
Request Chain 69
  • https://bidder.doceree.com/v1/initliveintent?id=a1ec879a-0388-478b-9237-9d058d8abc70 HTTP 302
  • https://i.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70 HTTP 303
  • https://i.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70&_li_chk=true&previous_uuid=37a8c340c527456bba7dbf5ac823c3bf HTTP 303
  • https://i6.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70
Request Chain 80
  • https://secure.adnxs.com/getuid?https://trc.lhmos.com/prebid/request?auctionStart=1699760423568&url=https%253A%252F%252Fqw.jinghuashuiyao.xyz%252F&bidderRequestId=125533a0d5a030d&adUnitCode=display-ad-1&auctionId=e0659fef-f4d3-4fe6-949e-7044b7eb6adb&bidId=13fcd35867ef007&transactionId=d4eea1e8-d65e-4a53-8a3b-a9180004c844&device=%257B%2522ua%2522%253A%2522Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F119.0.6045.123%2520Safari%252F537.36%2522%252C%2522width%2522%253A1600%252C%2522height%2522%253A1200%252C%2522browserLanguage%2522%253A%2522en-US%2522%257D&sizes=300%2C250&aimXR=null&uid=%24UID&params=%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22adUnitId%22%3A%222459%22%7D&crumbs=undefined&prebidVersion=8.17.0&version=3&coppa=0&ccpa=undefined HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftrc.lhmos.com%2Fprebid%2Frequest%3FauctionStart%3D1699760423568%26url%3Dhttps%25253A%25252F%25252Fqw.jinghuashuiyao.xyz%25252F%26bidderRequestId%3D125533a0d5a030d%26adUnitCode%3Ddisplay-ad-1%26auctionId%3De0659fef-f4d3-4fe6-949e-7044b7eb6adb%26bidId%3D13fcd35867ef007%26transactionId%3Dd4eea1e8-d65e-4a53-8a3b-a9180004c844%26device%3D%25257B%252522ua%252522%25253A%252522Mozilla%25252F5.0%252520%28Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64%29%252520AppleWebKit%25252F537.36%252520%28KHTML%25252C%252520like%252520Gecko%29%252520Chrome%25252F119.0.6045.123%252520Safari%25252F537.36%252522%25252C%252522width%252522%25253A1600%25252C%252522height%252522%25253A1200%25252C%252522browserLanguage%252522%25253A%252522en-US%252522%25257D%26sizes%3D300%252C250%26aimXR%3Dnull%26uid%3D%2524UID%26params%3D%257B%2522sizes%2522%253A%255B%255B300%252C250%255D%252C%255B300%252C600%255D%255D%252C%2522adUnitId%2522%253A%25222459%2522%257D%26crumbs%3Dundefined%26prebidVersion%3D8.17.0%26version%3D3%26coppa%3D0%26ccpa%3Dundefined HTTP 302
  • https://trc.lhmos.com/prebid/request?auctionStart=1699760423568&url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&bidderRequestId=125533a0d5a030d&adUnitCode=display-ad-1&auctionId=e0659fef-f4d3-4fe6-949e-7044b7eb6adb&bidId=13fcd35867ef007&transactionId=d4eea1e8-d65e-4a53-8a3b-a9180004c844&device=%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22width%22%3A1600%2C%22height%22%3A1200%2C%22browserLanguage%22%3A%22en-US%22%7D&sizes=300,250&aimXR=null&uid=7951105042517337080&params={%22sizes%22:[[300,250],[300,600]],%22adUnitId%22:%222459%22}&crumbs=undefined&prebidVersion=8.17.0&version=3&coppa=0&ccpa=undefined
Request Chain 91
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=13482&us_privacy=&gpp_sid=&gpp= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=13482&uid=LOUXGXA5-B-CIIH
Request Chain 116
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7951105042517337080
Request Chain 117
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_e794f4a3-a55a-4747-9006-94aff851980e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_e794f4a3-a55a-4747-9006-94aff851980e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=f8c9c27c-3f1e-4d84-81f6-a047fb3eba5c&expires=3&user_group=1&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 118
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=a3fb7e16-b77a-4e84-b084-025e9b594d45
Request Chain 119
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Request Chain 120
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-wVS_879E2pdaVr1ZP5mo8UZ7F_wbr4U1E2bL~A
Request Chain 121
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=8392f24d-0ada-490b-952e-a47ef9697103
Request Chain 123
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_e794f4a3-a55a-4747-9006-94aff851980e&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_e794f4a3-a55a-4747-9006-94aff851980e&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=-yMsTCpHscGH03KPptyz
Request Chain 124
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=c4oQ0PzSADVr&ev=1&pid=558355
Request Chain 125
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4345599828454128829
Request Chain 127
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=3604944725766803850&gdpr=&gdpr_consent=
Request Chain 130
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=59101c9a-21ec-4bd8-91fa-67f15008d9f8
Request Chain 131
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVBJKsCo5ukAAMZ9xLkAAAAA
Request Chain 132
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=8iQJo75xKHHZcSBtPQec&pi=gumgum&tc=1
Request Chain 133
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 140
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 141
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWWFVN0tvSklBQUJZNlNBSC1Fdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AADYaU7KoJIAABY6SAH-Ew&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADYaU7KoJIAABY6SAH-Ew&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4345599828454128829&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADYaU7KoJIAABY6SAH-Ew&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4345599828454128829%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4345599828454128829&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADYaU7KoJIAABY6SAH-Ew&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYaU7KoJIAABY6SAH-Ew&gdpr=0&gdpr_consent=
Request Chain 142
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7951105042517337080&gdpr=0&gdpr_consent=
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1z2Qk9T6SQiTpwH5yv4tlw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 145
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dd1d3d63-2c54-42e7-8ac9-4dc323055116%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=dd1d3d63-2c54-42e7-8ac9-4dc323055116%2C%2C
Request Chain 147
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDczRDkwOTMtRDRGQS00OTA4LTkzQTctMDFGOUNBRkUyRDk3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM67FQZn8rHs_3PYH--VH4k&google_cver=1
Request Chain 150
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E8E1034CA8A4DDA81839A2628FF3ECF
Request Chain 151
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=
Request Chain 152
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJkrLzhE2uUp9tDHdwXhFd.DFYIBCOA-~A&gdpr=0
Request Chain 154
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2b9b8d5915f714fd&is_secure=true&networkId=17100&version=1&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHiu0Dtfg7QQMMQempAAAAAAA&expiration=1699846826&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 159
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJZKAQO68umAmr2aZnrQaEA&google_cver=1&google_push=AXcoOmRoJRguM6GXt4i346pWWyhaF8dRXp0lrPDseaW5RblGk-KTfKh5AqR8KF3RJvkIA2wZ1yJ97md87E4vQX6rMZsLqHNLuJw6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ4MDk3NTI5OTM4Mzg1Mzg0OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZKAQO68umAmr2aZnrQaEA&google_cver=1
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBbDhqMSu9ccoqFxnJrmUHg&google_cver=1&google_push=AXcoOmS1-gie8pzN3pIj3bTyw6OHHAIr505FF2W4wROsw1X9YXKljh7KQjGfDfDymmFh6MklR2yn6wL0HxgtjtD60i41MJ-8QCJTOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS1-gie8pzN3pIj3bTyw6OHHAIr505FF2W4wROsw1X9YXKljh7KQjGfDfDymmFh6MklR2yn6wL0HxgtjtD60i41MJ-8QCJTOA&google_hm=j_fRre5ARA64fe06o_rkeg==
Request Chain 162
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMd2qiqJIxNM7TKDpnDGgeQ&google_cver=1&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu1ibWvCv-h3pa4tARS0P0TUSogVg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMd2qiqJIxNM7TKDpnDGgeQ&google_cver=1&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu1ibWvCv-h3pa4tARS0P0TUSogVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM4NDQxODQ1MTcxNzc3NjM1Mg&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu1ibWvCv-h3pa4tARS0P0TUSogVg
Request Chain 163
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOTXxuPliERs4uYZnDMlfZU&google_cver=1&google_push=AXcoOmR7qRSZ3tooW6BgWxA8lK5r3f_J0rT1TW8Nyx5JX6HgxtkLWkAIxjJdoiaJnExR3U-23LK-WoGJTCMn6IjREhJ9upos1Kh8PRA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qRSZ3tooW6BgWxA8lK5r3f_J0rT1TW8Nyx5JX6HgxtkLWkAIxjJdoiaJnExR3U-23LK-WoGJTCMn6IjREhJ9upos1Kh8PRA&google_hm=NTI3Njc4MDE4NTU4MTY2MDgx
Request Chain 164
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQ-AFNUjIbgc3nhBsRKTZkl_GdrNMERdAbQE13LAyz9LGLZaMu_NWhDB8r80MmyJ79xXoDai-MFbf1Vq-liNV3h5BqS40BdO3E&google_gid=CAESEC--47obJBm3HwPYKoMtP_s&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC--47obJBm3HwPYKoMtP_s&google_hm=T1BVOGIyYThkMjNkYjBlNGFkYjlhMWE1ZjQzYWY3OTdlNmU&google_nid=opera_norway_as&google_push=AXcoOmQ-AFNUjIbgc3nhBsRKTZkl_GdrNMERdAbQE13LAyz9LGLZaMu_NWhDB8r80MmyJ79xXoDai-MFbf1Vq-liNV3h5BqS40BdO3E
Request Chain 165
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMe6kn4AvqjVMmmTbWEegUc&google_cver=1&google_push=AXcoOmQpRy5oCgf5soAhyuflLX17YVqtZKpxLg9fqOYr9JjIS48DnJfa_vF7WfQRy5z-51l795-PTdl3cjC8VRONcNTOBzx3f9_jZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzQ5N2ZiMzgtYmQ0ZS00ZmIzLThkYTEtMDM2YjJjYjQzNjNk&google_push=AXcoOmQpRy5oCgf5soAhyuflLX17YVqtZKpxLg9fqOYr9JjIS48DnJfa_vF7WfQRy5z-51l795-PTdl3cjC8VRONcNTOBzx3f9_jZw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 167
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=7951105042517337080
Request Chain 171
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZVBJKgAA_NSVfwBf HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVBJKgAA_NSVfwBf&_test=ZVBJKgAA_NSVfwBf
Request Chain 174
  • https://match.adsrvr.org/track/cmf/openx?oxid=54c6da66-9f6f-76d2-d7ff-12b353094c03&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=54c6da66-9f6f-76d2-d7ff-12b353094c03&gdpr=0&gdpr_consent=
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1WOacfLimVUDTTNs__3LM&google_cver=1
Request Chain 181
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOUXGXA5-B-CIIH HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOUXGXA5-B-CIIH
Request Chain 186
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/eqi6e5WCBDqlnqJQDBZCAQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cv.TQntE2oKd3mPHBRvCHMfrHe7oSFnhimjudQ--~A
Request Chain 187
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOUXGXA5-B-CIIH
Request Chain 188
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zCysdxYMTyikY87G_0kPoA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zCysdxYMTyikY87G_0kPoA
Request Chain 189
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9VWEdYQTUtQi1DSUlI HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBkrtVGtRy5I45rJRl2CRX4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9VWEdYQTUtQi1DSUlI&google_push=
Request Chain 190
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=&expires=30
Request Chain 191
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlhNzgxMGExYThlZTU5YjI0NGU0NjJkMGQzZTFkZGRlMDcyNmU2Yw
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEImDSU_8ViyFGTP8pZnAfIc&google_cver=1
Request Chain 193
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYaU7KoJIAABY6SAH-Ew&expires=30
Request Chain 194
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOUXGXA5-B-CIIH&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOUXGXA5-B-CIIH&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 195
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOUXGXA5-B-CIIH
Request Chain 196
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOUXGXA5-B-CIIH&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOUXGXA5-B-CIIH&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yQ3hGQlpsRTJ1SFFtT2JEN3RMRW1FUVFuZUs3bERoQn5B&ovsid=LOUXGXA5-B-CIIH&dpid=58160
Request Chain 197
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOUXGXA5-B-CIIH HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOUXGXA5-B-CIIH HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOUXGXA5-B-CIIH&ckls=true&ci=CNC3PmUPrL&nc=false&trid=-271443877
Request Chain 198
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOUXGXA5-B-CIIH
Request Chain 199
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOUXGXA5-B-CIIH HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOUXGXA5-B-CIIH&dnr=1
Request Chain 200
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOUXGXA5-B-CIIH
Request Chain 222
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=fd814904-6659-49a4-b9d4-43a8f8490919&gdpr_consent=null&gdpr=0
Request Chain 223
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Request Chain 224
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2480975299383853849&gdpr=0&gdpr_consent=
Request Chain 225
  • https://sb.scorecardresearch.com/cs/38584006/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 228
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ba044e0be2b54ac69ed7a
Request Chain 229
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=397e85c6-810d-11ee-b26a-b7870c09b7e7
Request Chain 230
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59G7XeXdvAn80rpZ4t2jVeWC6Av8hrlb4ILf3D6Z
Request Chain 231
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=530e5f89-1a8f-31ff-a55c-06d838010614&ssp=pubmatic&bsw_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 232
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=527678018558166081
Request Chain 238
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8392f24d-0ada-490b-952e-a47ef9697103&gdpr=0&gdpr_consent=
Request Chain 240
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e66dafa6-ef99-4c1d-b674-926ccd8a8a5e-6550492d-5553&gdpr=0&gdpr_consent=
Request Chain 241
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10C03211E_9F75B26E&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 243
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4086da77f79b10e2&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF0mOr56owrwNm1ZO5AAAAAAA&expiration=1699846829&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=X2tfNnJPRFBqT2FiQ2lnSnYtQ3ZLQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOZpiF2j4CJEtSSTYutQWhg&google_cver=1
Request Chain 245
  • https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=pulsepoint&bsw_custom_parameter=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dpulsepoint%26bsw_param%3D8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Ddd1d3d63-2c54-42e7-8ac9-4dc323055116%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dpulsepoint%252526bsw_param%25253D8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7951105042517337080&pt=dd1d3d63-2c54-42e7-8ac9-4dc323055116%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dpulsepoint%2526bsw_param%253D8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=pulsepoint&bsw_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
Request Chain 249
  • https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=c4oQ0PzSADVr HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=93dfb3d8c8&gdpr=0&gdpr_consent=
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=c4oQ0PzSADVr HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESELU0Z1w1QUybmQZgOkNHrEM&google_cver=1
Request Chain 262
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=c4oQ0PzSADVr HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2480975299383853849 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=37a8c340-c527-456b-ba7d-bf5ac823c3bf HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D62afbe01-4457-4306-9b9f-9bfa2937a561%253A1699760429.7300751%26pid%3D500040%26it%3D1%26iv%3D62afbe01-4457-4306-9b9f-9bfa2937a561%253A1699760429.7300751%26_%3D1699760429.7336535&cb=1699760429.7336965 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=527678018558166081&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D62afbe01-4457-4306-9b9f-9bfa2937a561%253A1699760429.7300751%26pid%3D500040%26it%3D1%26iv%3D62afbe01-4457-4306-9b9f-9bfa2937a561%253A1699760429.7300751%26_%3D1699760429.7336535 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&pid=500040&it=1&iv=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&_=1699760429.7336535
Request Chain 263
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=c4oQ0PzSADVr&expires=30&user_group=[NUMERICAL_VALUE] HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 270
  • https://ads.servenobid.com/getsync?ver=1&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D563074%26ev%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D563074%252526ev%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7951105042517337080&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D563074%2526ev%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D563074%26ev%3D%24UID HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D563074%252526ev%25253D%252524UID HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D563074%252526ev%25253D%252524UID&cb=1699760429658 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=734781309 HTTP 302
  • https://sync.1rx.io/usersync/turn/2480975299383853849?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-eda73f08-cfe8-47fc-80f4-ad20da88b98c-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-eda73f08-cfe8-47fc-80f4-ad20da88b98c-005%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D563074%252526ev%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-eda73f08-cfe8-47fc-80f4-ad20da88b98c-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D563074%2526ev%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D563074%26ev%3D%24UID HTTP 302
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D563074%252526ev%25253D%252524UID
Request Chain 271
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=59101c9a-21ec-4bd8-91fa-67f15008d9f8&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 272
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM1NTI0MjMwNTYwMjUxODk0ODA3Nw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB999rk0S0vnnhc0FMmowzs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 274
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM1NTI0MjMwNTYwMjUxODk0ODA3Nw%3D%3D
Request Chain 276
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4355242305602518948077?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-2jSYF5pE2oSdLhwbo0vAreAdL_qFE1rqnv6VfOYYnQ--~A&dongle=0883
Request Chain 277
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4355242305602518948077&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=7bb48e12-47c8-4b40-81b6-c28a98fe4172&expires=10&ssp=triplelift&bsw_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 279
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7951105042517337080&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 282
  • https://match.prod.bidr.io/cookie-sync/ap HTTP 303
  • https://sync.adprime.com/43e1480a5bbfaed7f65c886b7abf3062.gif?puid=AADYaU7KoJIAABY6SAH-Ew HTTP 302
  • https://s.adtelligent.com/sync.html?aid=798038
Request Chain 283
  • https://ap.lijit.com/pixel?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fsync.adprime.com%2F5d5d5430b48420f748430bf7e12aa2a2.gif%3Fpuid%3D%5B%24UID%5D HTTP 307
  • https://sync.adprime.com/5d5d5430b48420f748430bf7e12aa2a2.gif?puid=[HpE8aQZHnRJctJIFQjSuVZ6Z] HTTP 302
  • https://us.shb-sync.com/6c8cfeda-0d22-4b58-a4f0-e4693e530957.gif?puid=0b071f4b-5622-4c12-bd80-a303f3cefd72&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=1b9ccd6e-6955-463f-9316-a4120fc5b870&redir=[RED]
Request Chain 285
  • https://ib.adnxs.com/getuid?https://sync.adprime.com/6c864f9404f4de4243315d07a6053102.gif?puid=$UID HTTP 302
  • https://sync.adprime.com/6c864f9404f4de4243315d07a6053102.gif?puid=7951105042517337080 HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1002112&dspCookie=160ef4e2-98be-4908-ad5a-d9cee1fa36f1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=a5de2925a5&gdpr=0&gdpr_consent=
Request Chain 286
  • https://us.ck-ie.com/adpd175.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&puid=120c647e-ae55-46cb-8698-0c89808f2ac9 HTTP 302
  • https://sync.adprime.com/7b550bad46a07eaf363bffd89522781f.gif?puid=NmlcpHCSQa8mxlft9v0ZlXmGqqv6A9SXqi1y%2BNLOFqg%3D HTTP 302
  • https://sync-service.net/user-sync?pl=decenterads&token=LSDC00hab0FQoPs2&uid=$[id]
Request Chain 289
  • https://sync.adprime.com/f4e2b93351de6eb2b501312ea72b38a0.gif?puid=120c647e-ae55-46cb-8698-0c89808f2ac9&redir=https://sync-service.net/user-sync?pl=community&token=tRyIt2Lh0b0doNsK&uid=$[id] HTTP 302
  • https://sync-service.net/user-sync?pl=community
Request Chain 291
  • https://s.ad.smaato.net/c/?dspInit=1002112&dspCookie=120c647e-ae55-46cb-8698-0c89808f2ac9 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=a5de2925a5&gdpr=0&gdpr_consent=
Request Chain 292
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=0&puid=120c647e-ae55-46cb-8698-0c89808f2ac9 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=7b2a6154-3933-420b-97ac-6bf42e3555e6 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=0268f61f-9f2d-4c28-ac4b-767767fb942a HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=00b5f1f2-2da9-4f5c-b9f2-3a3a8373c8e9 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=db211090-9845-4e9b-9680-79e46c295ac4 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=d9973a7f-ba1a-419a-a5c7-2c2fa3372500 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=1c3875a1-59ec-43fd-9fd7-821ef5ea492e HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=ca3aed69-a9eb-406a-931d-d9ae96feb4a0 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=31ade1f3-712a-42e1-abb3-f3822f949438 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=f16c8abd-1ff7-4d58-9479-9dadc13e5990 HTTP 302
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED] HTTP 302
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=4ad58a12-9b25-4842-87b3-b830733bc736
Request Chain 293
  • https://us.ck-ie.com/adp571.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=0&https://sync.adprime.com/bed8ee2256b9d59953c5775afad990b3.gif?puid=120c647e-ae55-46cb-8698-0c89808f2ac9 HTTP 302
  • https://sync.adprime.com/bed8ee2256b9d59953c5775afad990b3.gif?puid=NmlcpHCSQa8mxlft9v0ZlXmGqqv6A9SXqi1y%2BNLOFqg%3D&redir=[RED]
Request Chain 294
  • https://idsync.rlcdn.com/710773.gif?partner_uid=120c647e-ae55-46cb-8698-0c89808f2ac9 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPWwKxIwCiwIARDj8AkaJDEyMGM2NDdlLWFlNTUtNDZjYi04Njk4LTBjODk4MDhmMmFjORAAGg0IrZLBqgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e9b4074d3aed417349fbfd3d79d78dfe86e6eab9bffeb1365efe2eab893c0664791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e9b4074d3aed417349fbfd3d79d78dfe86e6eab9bffeb1365efe2eab893c0664791426b5417dce21&rand=00080737
Request Chain 295
  • https://us.shb-sync.com/6c8cfeda-0d22-4b58-a4f0-e4693e530957.gif?puid=120c647e-ae55-46cb-8698-0c89808f2ac9&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=7dace566-e685-4e29-be95-232b1ccbbcbf&redir=[RED]
Request Chain 297
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=1B0D5B12-1453-4D2F-8696-FEB0364AF283&rurl=https%3A%2F%2Fsync.adprime.com%2F09c8e2eece5857c291d6efc800b2a845.gif%3Fpuid%3D%24%24visitor_cookie%24%24%26redir%3D%5BRED%5D HTTP 302
  • https://sync.adprime.com/09c8e2eece5857c291d6efc800b2a845.gif?puid=7ff49eab67024c54a7890b953eaa414b&redir=[RED]
Request Chain 299
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVBJLblgRNAt3w40tQzoJQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqQ-cwyaEzd691N_OPm578&google_cver=1
Request Chain 300
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7951105042517337080
Request Chain 302
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=KfKztCv-tOAy8bKwLP6rvCuh4OIypbGyLqEDHqJ2
Request Chain 303
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYaU7KoJIAABY6SAH-Ew&expiration=1700970029
Request Chain 304
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=527678018558166081
Request Chain 305
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=ac2c51eb99df4307b10c426e4ac928b3&expiration=1702352429
Request Chain 306
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZVBJLblgRNAt3w40tQzoJQAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZVBJLblgRNAt3w40tQzoJQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662078219196685
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyNzYyMDI5MDgxMzQ5MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKpGBMQOiDy0bCYmrguVPTs&google_cver=1
Request Chain 309
  • https://sb.scorecardresearch.com/b?c1=2&c2=38584006&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699760429534&ns_c=UTF-8&c7=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&c8=Drugs.com%20-%20Prescription%20Drug%20Information&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=38584006&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699760429534&ns_c=UTF-8&c7=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&c8=Drugs.com%20-%20Prescription%20Drug%20Information&c9=
Request Chain 310
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=adnxs&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=7951105042517337080 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7951105042517337080
Request Chain 311
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Request Chain 312
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e
Request Chain 314
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 316
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2480975299383853849&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Request Chain 317
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=fd814904-6659-49a4-b9d4-43a8f8490919&gdpr_consent=null&gdpr=null HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=fd814904-6659-49a4-b9d4-43a8f8490919
Request Chain 320
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB
Request Chain 321
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4cab2f12bd041305&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF_WCOsKyEtwM064wNAAAAAAA&expiration=1699846829&is_secure=true
Request Chain 322
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715485229&external_user_id=852a99d1-1ae9-4f6d-a492-47f416100a17
Request Chain 323
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2480975299383853849
Request Chain 324
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f7d9b090-ba3f-3671-37f46755
Request Chain 326
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TsQVy5XhU41iMArRnN9PSgW16oY
Request Chain 327
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=397e85c6-810d-11ee-b26a-b7870c09b7e7
Request Chain 328
  • https://cookies.nextmillmedia.com/setuid?bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZVBJLblgRNAt3w40tQzoJQAA%26518 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZVBJLblgRNAt3w40tQzoJQAA&518

337 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qw.jinghuashuiyao.xyz/ 		61 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6074e92dcd27d77d75203bc552e905d3437170d66509ad7d7253a8aed0ae78a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
824bc0cc7e788cc8-EWR
content-encoding
br
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 03:40:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WM2wXyF4A%2BHSejvlHfywd6pu7X3Gmq3UkpzAaOGIlZvWN0ADOuruzSpjWqk%2FnRO3Nwh3w7Q2Wg50aqleJ0XMuxgKd6UIzNy7o%2F1vWsRcaIujRweKjDvhrvvassic3FC5p2A5zHxO66U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000 ; includeSubDomains
vary
Accept-Encoding
x-cache
EXPIRED
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ddc-pack-site.min.30f4512b.css
qw.jinghuashuiyao.xyz/bundle/css/ 		76 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/css/ddc-pack-site.min.30f4512b.css
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b7de7c12636a3d0620866c7c429c90f9c74a4607ee01cfe34cd9af3ebc9d12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 21:30:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aulT%2FbwL7GEJY8oXvGqy746dqOaQP7gjiqtZmYAak1%2FdS3AW41q99zdvwz3eSYMPFbNu9V3hszBmcA5M4A%2Bh0bXVRGyOLyLB%2FFVBL3qcyVlHCl0LxfpE%2FxFbHJUZqouXqVDsW2IfssI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
824bc0ce28418cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
component-card.min.50309c5e.css
qw.jinghuashuiyao.xyz/bundle/css/component/ 		1 KB
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/css/component/component-card.min.50309c5e.css
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e63398a4709901a9ed37d81a8665c42f39b2fcf346edebddf087f47f506d555
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 22:23:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzf56KKCDZalCHcFFb9XE5bWQTmmXVPGDkym%2BFTTB%2F421tHAuum8%2Beyxchua%2Fp58i8UragMHjC8Np6csylmo7z6RXtfJUKxzGXquVbH6FseUj5a%2B43mE2mPTPOylXBG%2BSlehIhzDoo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
824bc0ce28428cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
component-paging.min.3a85ed58.css
qw.jinghuashuiyao.xyz/bundle/css/component/ 		2 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/css/component/component-paging.min.3a85ed58.css
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8725ee1594d040c4c70772d9f5c3e6737d5bcd68abb95dc7402886d0f9f1e2a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 22:23:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zFRq%2FxkAwMUfF0%2BX3vYCFFfJ2Abq%2FEM248LRiHyZPrJGEDqraH3jRFeILXXgC2GAEkwSz76w7uftvkX3Wld%2BVtftdvIortuZSd9twHoQnX4pp1jXGxe11PbQp5BpFULeENRa4v920U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
824bc0ce28438cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
ddc-section-home.min.8d23ed11.css
qw.jinghuashuiyao.xyz/bundle/css/section/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/css/section/ddc-section-home.min.8d23ed11.css
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb859d1e70b4e401a0a119f4d62620d6550375920b112bca287a21e0075d2140
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 21:30:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4EHsmKR4n%2BMVQ9unspq%2FtAP2HJ99syfK%2Fuh2mRFo9%2BYQF0AMXTc9LsaX6YqMKMirW%2FWX6C%2BHxfNtYun3lWnb9qmmoeSnFohcmnlGv8tmET3Fg1ABpTIgmwyi1tengKuCgjuML%2BtDAM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
824bc0ce28448cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
drugscom-logo.svg
qw.jinghuashuiyao.xyz/img/logo/ 		17 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/logo/drugscom-logo.svg
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70160cad90376d811ed50a4dc3a94f2af4424a6547d3d045727fc9ce875a4b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 23:07:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpmMyj6Ygk7KvzY7OtmmaP63T1RwG7leH1ENemINSVP4y8yeUXvraNu7YwnFzquLBv1N%2Fw64M7HKp45QNihUTUa9nobO4keNeL0Lki4n7sQZgFMC8YSIfC3fv6J2mpwidj17axbNdnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400, must-revalidate
cf-ray
824bc0ce28458cc8-EWR
component-carousel.min.71388709.css
qw.jinghuashuiyao.xyz/bundle/css/component/ 		2 KB
914 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/css/component/component-carousel.min.71388709.css
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302e6d877bdd1efc1480882f4107cac5dd53a010f580da8aa1e5ed3358c39dc2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 21:30:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHRi5vtFWmslkvO2MOpEryGmIfvK28yl9lo2DYpIYDcuLl%2BcBLx4akB6qEtRaES9V1DClNMKJ1Pw0IvjLmlkUJwwrWQmW1E31o8AgAUtMdaYVyt7WHbn8K0H1Qx1oHo4tlZBItLCRV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
824bc0ce28478cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
harvard-health-logo.png
qw.jinghuashuiyao.xyz/img/logo/vendor/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/logo/vendor/harvard-health-logo.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c6309c794c03727a2a0a12d691b90ad9596ec646b4e8a91c41cd2c425a74a28
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
7014
x-xss-protection
1; mode=block
last-modified
Thu, 24 Dec 2020 02:21:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wris6U4v4eT31mcqwIW8XU87ZVC146I6UbKBDKH%2ByW63s8GO4uhdUd3QG%2FnlVcZZR%2BeV0rTVZspkw1CIgra3vNKzhUbFybd8owIFWsNTbx%2FQAxQEYUwyrLKfQHNy5Gj%2FPuPID%2Brag%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0ce284a8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
cerner-logo.png
qw.jinghuashuiyao.xyz/img/logo/vendor/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/logo/vendor/cerner-logo.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be93d0e46d4144c4b0b9cbda024955547af68c15c3748aebb7f860a4eda90ebc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
3125
x-xss-protection
1; mode=block
last-modified
Thu, 24 Dec 2020 02:21:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c2abDGDZuQCVOcNOm9bSj9gM0oUj8v7RJ4DTMlTOPESPh7CgwoJtdPA8WX33EiBCZ0rzAZIPMx6ikVN7W%2BDocZysqvwTzrqap9P%2FGFD9X7DFNntrdphEZY5gaSqazNWQaO2eq0tudI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0ce284f8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
ashp-logo.png
qw.jinghuashuiyao.xyz/img/logo/vendor/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/logo/vendor/ashp-logo.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6004a21148bd794cd3eee62b8b2fad2e61250849fc33028213f677328f9f9588
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
1686
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 01:38:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh8D6mfUl29BxwJr37UBVhEANvLDFy2nivB3TUmmeloP0QUsaBgAkBRJBSbjUc130NPAujxoRhfoeT2Eqb518Z3U5uaZ5VtKjWBBKDAyZLDcbLY0TyWx6mPgOxynyxkUWSx5EiEDRlo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0ce284b8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
thomson-reuters-logo.png
qw.jinghuashuiyao.xyz/img/logo/vendor/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/logo/vendor/thomson-reuters-logo.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643da886b56a5f7c9178072d6e09ac2f8f3a0616c3ba77b26f23b8fe0f44248e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
4963
x-xss-protection
1; mode=block
last-modified
Tue, 16 Aug 2022 03:08:09 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sil5OnzmgBTLOlkV7vNFU5jV5Y2oI7O2g4ZTA0dPh194Ovmywv7lBRehD0irXt5ICP9khLBXGhDF6nnwWv0qBvM7JewRXhZid0Ewf2AGby6%2Bx68T3dazpFve1cOkPYdjoPLUOUwkU8A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0ce284c8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
support-print.min.ec5ff17d.css
qw.jinghuashuiyao.xyz/bundle/css/support/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/css/support/support-print.min.ec5ff17d.css
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1eeec144b3df0ebf447aa9d858083a057037b3be912bf9f8ed3b955b58b0afc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 22:23:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht2myYqVrc2wbUijsRoRnCQA24CToXWlQzwPUkJr%2Ba9zGbvUtdgYn8GiInexTUDSyUHBIZJz9i9F%2Bf%2BJBCJZxJ2qFiTQvfJAnW4QF0W18IWtEuV9n%2Bsw24jfEnxj66Lh29TdLXCR4KY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
824bc0ce28518cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
cdf4b9289a5e3571bd55b941f67d4e2fe52b735b0ea762a20638c10b52e091ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31167
x-xss-protection
0
server
cafe
etag
99 / 19673 / m202311020101 / config-hash: 5108900474499610176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 03:40:22 GMT
13482_drugs.js
ads.rubiconproject.com/prebid/ 		495 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/13482_drugs.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
cb5a1a8f21316aed98fe4b2857d98046758a8425da30ba1d43d8cc2af0af766c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-encoding
gzip
last-modified
Sun, 29 Oct 2023 23:28:32 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
143718
expires
Sun, 12 Nov 2023 03:40:22 GMT
config.js
cdn.confiant-integrations.net/UEWeDkhzdHOmsrWhvv4ZBOs8vy4/gpt_and_prebid/ 		148 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/UEWeDkhzdHOmsrWhvv4ZBOs8vy4/gpt_and_prebid/config.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2191feadd12f1220f10c2e8f27f0f4bb27610614acfdd4041830baa076da8b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Nov 2023 01:54:45 GMT
server
cloudflare
x-amz-request-id
BZPB9B2RS7HBBVFR
age
572
etag
W/"8e42a9e106e709024a1c6fd03939d9c5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
824bc0d099810cb1-EWR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cefRcIeJRugTI8+Ra71rTKr/cDzpHnU/IaAqIDeRIMekbRI1Af36Nm0kzlrTI9vjYRom8pKEIUI=
main-primary.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		609 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556fd7232f156150955b4e36d0d474e2efde5c9c191dd2e80aa48aecc44e93ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGveXP3uJ0Of0oxPgiNp531TZl0YqqypsGOLvKJVtV2X0%2FNzPdRSZ17xyp%2F1SLFF3N4KfR5bnN%2FK8%2Fv0IO0V%2Bp2l5TuQMgxiLaikhpgErVf%2F3AGt9e9ieFvSrDKhI3aKktsEq5KkllU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0ce68918cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
main-secondary.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		739 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355b777aa74b2d41e9dc2ad7a862d121fe62efff1f1e3f6a49eb152be2f83e19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MspNDgOu4mEffOTsO%2FYvR418xDCYV%2FmP%2BA1JynXtO70WwL4sGYCEd%2FEfU%2FrUNfL7TnEN2DXnpBt9aDHq2c54x0tWk2jaN1Wxqg%2B0MJOgxIkAODRiaQ%2B3%2FAa1IoS0fh%2FzPlOQzFb4WV4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0ce68928cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
drugs-az.png
qw.jinghuashuiyao.xyz/img/home/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/home/drugs-az.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267114d3550473bf50577e0b880b01e2f6cd808ce81464686328fc5bcbead673
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
3166
x-xss-protection
1; mode=block
last-modified
Tue, 17 Mar 2020 00:18:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSOTL6OvepHnn%2B8u1E7pYYF4x%2BuAvv%2FV3quA3il0tPOKNa8iZ08XsMcPS0MRqH1JNDOoi4%2FwaWxguLxwOsrWDwl3UAjs7w%2Bf3ZeWrEQb7GcTULVh45XZUvBlnx4zRDJYANJH0x3o3h4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0d08b038cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
pill-identifier.png
qw.jinghuashuiyao.xyz/img/home/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/home/pill-identifier.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44469349f017f41be684863526b97656bbda90042a78225b24b6ea7b51b0e44
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
4374
x-xss-protection
1; mode=block
last-modified
Tue, 17 Mar 2020 00:18:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk8SlTugQW8MPXBHRbXc1SU2KKQbCzvY5RSm19CFSzuVA2Tv32eMzUuRlQYa6%2B2Qw%2Fl4gJDA7u3xBhZCN%2FGQBEYDhTjL7bbRT%2BU7Akqf9OjMnmFqnhC4hBGzj%2FbpVvMgJwCEEB1m4Eo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0d08b058cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
interactions-checker.png
qw.jinghuashuiyao.xyz/img/home/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/home/interactions-checker.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa0d6e58c3c27a0c304c8dc68ace319962e8e325e1365ba2436f8e15e3014d51
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
4752
x-xss-protection
1; mode=block
last-modified
Tue, 17 Mar 2020 00:18:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyCnZCTZg07kSlxAcK7yTQtR2gC1qE72kd5Ya8gqfi043AIvov50YFNk0ET5ZeFYJ5jNLgFBoSqOGQBFiKovRbR4z8j%2BtodUB4VKsKeM1E%2B2lhJKobN7413ybT1DhGv%2FoK2ktqrga6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0d08b078cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
side-effects.png
qw.jinghuashuiyao.xyz/img/home/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/home/side-effects.png
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba6d43a99b58111bd7c3a3407b59738cf2a6610889f98aaa17bedbf852071d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
6367
x-xss-protection
1; mode=block
last-modified
Tue, 17 Mar 2020 00:18:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLgkyCwjZ%2F3LnzCAgF8xCgNW0p%2BXu5YyyvL17eyh7mzrgrXQ%2BJnFVnpeKeW8ZbUAipwDKWX6NproA2meOP0elKI0%2BYN62eeiJPbFS%2Fo%2FdR1BRRUN50DmS38%2FqsSn0Ix%2BbprbFqWVFmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0d08b098cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
render-header.js
servedbydoceree.doceree.com/script/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedbydoceree.doceree.com/script/render-header.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.68.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-68-54.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9609a8009222df24fc798caa921f29f0bb6d243181cd375a132fa992b1349ad0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 11:03:35 GMT
x-amz-version-id
6.J6xJwF1sbf12b2806_p0BtY1wSo5Xs
via
1.1 f859788260c3dac1c04017b23eb46048.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 13:46:20 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
59808
etag
"0268c392279cccb8989e3427bcdd9060"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
0
accept-ranges
bytes
content-length
16008
x-amz-cf-id
2YWFBdJXxvpJnp5vMRFZHWsYpEB6Uo8ZEbSRnqMpAfBgd-WEWhzM2g==
debug.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/debug.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10be238c60be5bbaadb03278f672c655f482f5f0ab314c544e9f5bf8ec16c18f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZGM0x39bHvKWkii0%2BHVPW9mIDbrT5wuYS5yBtFOZxCiixhflOgafkg2C9I34JlcIozcHrlL%2Be7wQKqXq03ms0%2F%2BklJPp8%2BBJ%2Fn9Muxt2pmWZ6wtvy7dzGrAeZfXJ5D6ljmv3Fqv6cw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10b9f8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
error-handler.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/error-handler.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3c2573e4e9381f3c49b607f5c8364a6977ab4bfa81ce93782e5c28691d7320
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYKc8jUoS8qJ3f%2BYjtX0cAmmEpZHgHmyudbqW91pgYf%2BqRXEepfk15FWyuCri%2Bcr%2FOsmi7gqj48v%2FRUq4cpLk2ku8hSDynQURrmhkEEoMkIDHHfS6KvDjblXcWB4NpnWI6vwsgHd%2Fwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10ba08cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
fixable.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/fixable.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3993e2c76f427551e636267998692d22c826d3a09312e50b8dda1cd88035dcc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRkFP%2BKBM5NlP0h6cdMNo4g8kb9uw2AxMIItroHT3WowxQjFxyr58C0gEgaUc4aLsJ8OkTQEDTlOmY9gTMfnWU9U2PWnufBjAgd21rVjoGo4POv1FAl1zjFyEGlIG%2FAAzYfG3mEH9H0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10ba18cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
load.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		2 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/load.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66cab6980c777d2dd90aaafb84228583ef72ce767173feedb1acba98f2ffe732
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsoecYgRk5cT1ExEHJI0j%2BLR1muDilUxEDxr2HZSXRe3AlL%2FZziPLENE6o9X0WSjhPWPKrHeG3VTJnmdHybzypUvU%2BhRUTXNTUd9GTytygn3SRNek1Tq3ysptBSZrfxDGccRgXE3TDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10ba28cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
user.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/user.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f056cd93627af37e9c1b0ee1b14d46b55934141a38cf5f1836f4062d65cf4fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhkXGMEw7rFrgTT0sPMEWQv09fuQuCgSm05kCEehixSgozSpSIq%2FDdaraL52awnjNdPKIWuK9HMLj8T%2BKsplfu9r5pDpD6%2FDpnKCnMpABp9KdbjF4hEJihs2rvJ36qCGNLOuDlJjWNo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10ba48cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
analytics.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		273 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/analytics.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9954fd3b52f278abc8dde86147713412ee6465da511c1d657e996cbcf325dad2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Z6aIJ%2FO72RWVpkYBOyBz6C8hZvAg2mqXapZ9dNsPu44dfLsIdhSSTBIgTdoHwzjQD%2FAIOynlGFtLf3%2BQuty7ejceZYRr1jJmj2H76MISDvFPurzYz%2BsihTXH7EluKmD%2B1S9A74mTh8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10ba58cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
config.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/config.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5adbcc6ae6b3759cd66bf89ab54d2c285be905ecee3d184bf6bf566c6d9c649
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JP6MTkDqWqlXOeXRK8Ea%2BIf7kiLXRAXKamNb%2B5gJ4pf3vM32niFdXyI1LTq7nthce34TY%2Fsrey7qoqdvRoXef5KBwogksTkcuxaLXwaT9QTM1sKs8BPEUtI%2BIzUfAKZVESMFz3qFRgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10ba78cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
drug.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/drug.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c1f4d01973414023e9c25451a6828a5b030e0e04dc0e02c60b48f62fb50d19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ2g6fli05%2FtP1lezALUjwQe4AMMJt0mvufa0AgVxTlPlqtUeZwoIYx%2FY4ZmhLZVi%2BxS3U7YAZcGpWkaHOzO7%2BDine94VksdVURTNOHrAiehblyCWEkjpox2mHS%2B1Je4nPv6HgpvmB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10ba98cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
image.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/image.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457a6f9d3d9fb8802a3f1485e3a824e020aec0efd274f86e8d57541ddd2bfb16
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AM9wpAfXbMJdyTwBKzLlu5NiFJBJCmhavvrbRU89gFFIJ6yiv2SWZswfzm4lgHpm3IjRFMuoGUJ%2BGdNkswvyRvLXxd4JWAnS0cG0Zy%2FAu8XOVYow1qZC1di8bZa1GqVMwV9qMbfuNpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10baa8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
list.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/list.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b90a9030c5ac8efca3c295514efb935f3a6941070185827428efea845343807
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsXg4dH75ShvLqRaSd5sUwIe8%2B7Bc2ndRSkQneD8DyNUocp%2F7Z3roc6xOvoeZvoUDLEaU3vjMDRibuzPZSlzoY29QaMRk%2BmZHURYElWjZfnymsSFxgUHPHmIwyY1X9UrSlYsww8bQjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bac8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
log.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		469 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/log.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80701786be134c36480da42d310f2d3e08dd6f15a75d9174d56cce9b79fe42c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skIyAdPj%2FPIkOcV5cwi0GMhr5zFzR5%2FzCKoARAMPYQmcL5GnVPNi1GJkle3AUjsUNZF1w%2BhBPoarCiXmdOFwq%2FQOoKHtHXJx%2B6qNSSDwL4zYPaF3An9NkZIIGTAYgehckWPhCQqE3Yo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bae8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
menu.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		584 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/menu.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5439a02adb83f02029a408858ee77b02ce17bb75bb12fae41142a933078d2bf9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1G%2B%2FF2YdDsMdMZaXz7A3oKOkR5tj4LxZo%2Bxlsr%2BnLQfRiZCSL4YO0Gzw0zkHAdapMOXohhb%2BJSSvZ1rdoty%2Fbtufe3CwYypExORi22XIZ8IAZmFFe2YCvBRH%2B1nrJsuhvnqVh7HzA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bb08cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
modal.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/modal.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25a7097f69e4df69a8ca5325ad763a9b3ca032fdc0ad0b3a47c3c115ba70a242
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZObdlT%2FgeGm87PKxyewDzEXwcuocvWAZwlOdnpo0UwpszL5RN8cIscBgI5Bswrsd%2Bkwdoq58GvaS9%2BrvyILDcPGFuc8VUkkJhQKsYcLJ8uHPX8r2L2OZIu5E%2B2l7Lm3QvI8Al976dc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bb18cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
native-app.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		2 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/native-app.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad1c1e63a538a85f4503152c82646500e335afc4b00a3f1babdb88bb61bcd820
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElUIeUQuopms56hHp6iREgaNupPzLjzDjg6PAeAfwWakEOchopHm0KUEZUwm9c5ZCjDF0FmzfHaQgiPfuD1h8ZRAgNUn9tjByq8Ah8I65sN3s3%2Fx%2FGAWhjCZ72ZXcvUi4VGr6OT8QmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bb28cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
page.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/page.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b158ba450d723a2aa4a4606f2ccf2e912cbc7172c9d3edd041aaf52028e6d3ee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx%2BXWpqRmDhGI2fr%2FlAGP2SukDxnIDaX5BEpyc%2FzwVueOS5M78qJtnukqKABkEkYQJxtrLXvYgAUJZimO%2F3WHFKsOolCTO4Qpp49UDBeYAv%2BT%2FOnmkhDRJHRYFqlY9vRIUGcYpz32FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bb48cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
subscribe.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/misc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/misc/subscribe.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b92018605293c8ece49787c4f5a5f60094f0c456005fc7e3cf8765701e4c969b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=606LJYng2UI52gq1eVOOSyq7OfKpiOWXZExaga%2FGiRe5JGXiWT7sZapYIiLJ9523BCcPF1IAppvdg5tI64BMFlmnynASkPj%2Bs1QFJSh2e1%2BZ%2FIYWjoY62FjWqWXiNfI8duuK%2F0AaBUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bb58cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
toast.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/toast.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c6997ca7aad236319ab206986cf56fda0b507fd881c4f3728c2206052e9341
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-secondary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1B2FQ%2BTdKCQUAAyJC7SQIiXyNHGB7RpOceS%2B%2FE0pPaxwvZUuylcPL42Os9WVUa4SdkeD9km0RP9%2F50YDhMH2aUqsVVO1UeFSw2YXguNmJeCVhXT8ir%2FRkkSBpiC6YBaVOyp8WZAUps%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d10bb68cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/UEWeDkhzdHOmsrWhvv4ZBOs8vy4/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
R9E02DEBK6NN4VBG
age
324087
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
824bc0d139e10cb1-EWR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5X6mIw9uvxKGlsdXyRAken5G4Zd9fEuffD44gnrZa4UlhTyz/K05VZvRXa5Az2q1Csx3y4t6m6cDIOeenzuoZq30nGisnim9eOoPP+m8LtY=
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 15:19:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
44465
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 10 Nov 2024 15:19:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		54 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=qw.jinghuashuiyao.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
bdc4614dfaa189dddcb1d7a60014e8553b5c378ad5778f2f9e4e2505507647ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58
x-xss-protection
0
expires
Sun, 12 Nov 2023 03:40:22 GMT
utils.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		847 B
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/utils.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d668fd0277565536711718c67a3dc95cd347b20e5ed46291d5adf6ee14b256a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/config.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjXrP8BXOGP2cV8FQwLzGfgF5c8ReXiV2PEVv0TVP1%2BWJavLNRoiajoA381Kha6d1kLh1gKp5d5Uq%2F0lu2m%2Bd%2FyrXr%2FIukmPXAgLCFFIlFG6ZQC8sLLGNWHeBoCkrwfMIs3HmTUG0cc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d28d6b8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
api.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/api.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94c2f24613b00b6cfccb589e92a0ff1e7a36663b646599386f89227f1746635
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/user.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvbqpDVYvT3jQx5%2BgE70cVdeTud7NfHdkPeCr4tK3HFd3dKCcx%2FzcnseMrNwo6nFVNhcjyL6ivQ1QlpNiTpoBltTstT6ur6RqPei0BcYlT2ykkNUYQpR%2BLnHuL5bB93X0wjz4w8ZWXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d28d6c8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
cookie.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		550 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/cookie.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ef8beb4e30e846a576ba8b2d79d9f99ba9ab7c6b0e681f66868a220dd435a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/user.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:22 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuTZWSYShVHABauKL%2FU2m2NPzdDuBw8x3aidQFo6tzsfcZHcK3r0AnCRa7R7E4QgXplFppvExGGtynbRW3eTiklnUMdtTeE8%2BG7Mtpd%2Ff56NRazieLQcKe6soAENt3dX0Up8UaQkR5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d28d6d8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
intersection.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		548 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/intersection.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1de85c4ff6082c076c544eb00a4b51ee994ff5b000f6665de1765c4f7638c2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/misc/subscribe.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZPyYWvjkWnvRXQDZJGFB3wCWOyydJ7ja2LEECNZHCxo5YEAgU0zFCJJWSr%2F62XthvtyHCS1oi2Es2%2FsQbmEhTpEel81p5nBavaCArY9EpDUAowArU5%2BRvky3qJ9ItzLIlGXRkaIGs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d28d6e8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:22 GMT
helper.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/helper.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc5d1a34635619097dfed02de576b2442fc152aa58d9348866d1610a78bf5ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/log.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99tAnEcLj8%2FjmnhR6j7b%2FPB8HUdoPNXX8o1GM2TGhFPNwhi78%2FBGQi31DS5y2skNaKmdBsNoPEou2MTv0QNCnENLPRm2YAk%2FQjeBdkej3cdY8g7KyZzQKJ9P1mr43uhGuI%2Fa61hdvhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d28d708cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
doceree-init
bidder.doceree.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bidder.doceree.com/v1/doceree-init
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.242.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-242-36.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://qw.jinghuashuiyao.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With,Accept
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 12 Nov 2023 03:40:23 GMT
vary
Accept-Encoding
doceree-init
bidder.doceree.com/v1/ 		70 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.doceree.com/v1/doceree-init
Requested by
Host: servedbydoceree.doceree.com
URL: https://servedbydoceree.doceree.com/script/render-header.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.242.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-242-36.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
fb9b9ed77b8a83d90710061bacf4117d03f47f8de42c8dced9b954723fa894c0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/json; charset=utf-8

Response headers

access-control-allow-origin
https://qw.jinghuashuiyao.xyz
date
Sun, 12 Nov 2023 03:40:23 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
70
vary
Accept-Encoding
content-type
application/json
beacon.js
www.medtargetsystem.com/javascript/ 		224 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medtargetsystem.com/javascript/beacon.js?1699760422964
Requested by
Host: servedbydoceree.doceree.com
URL: https://servedbydoceree.doceree.com/script/render-header.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-222.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
5aa1aca02ae3f8c01293db6e61c6087fe70e1307023144c6cdbcd7161b51f661

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 16:20:53 GMT
server
Apache/2.4.7 (Ubuntu)
etag
"37ffa-5edacf91ae340-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
56254
tracker.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/tracker.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36473a2334c8454e35b18200de2aacd09ac2b9a786633f555ce4309aa15357ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQBZiK1j%2F8eiLjJXSCGia5fYtH6IIL%2FW0hkhAxdDKhnHDWxp5OV3Xyom6rffj15UeE28WviayoGpzul707lNewYCUULO7feQxkdefKeLInOGCyTiRdpU3of4CzjNybcka0nGQzAJZ9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d42f928cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
display.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/display.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046648fae0bbef38fa6460e3f50c14bf0827143b5d4afa99b672a28ecb60495f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elxrWb%2FGc1AdB3dVToponXSFvyZA1Xsxfma6w2AtU5xKtXjJI6ZOIpYkxP0Ye%2BvxDWZJOLpd8TsZhjR7SchPJheh1sKULjKqvTQkdDiKe0V8Bagi6iZiliYlHDFiQ%2BCsAwLUtyAuxhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d42f938cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
injection.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/injection.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c02ce70cc3fa8608657e8a8efec599a3e95d1c8fe781e8f30f54ca9ffb5cbd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/main-primary.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1SzNqpgGWFdOE0ZPm%2BdKB%2BtDgPySg40sohUIJBfsBKmkS1oTze3jih7r%2FrdkcBqQeBWX%2BR%2Fm8%2BbhStSYoTHadK3L%2B47EwkUPJTp1t%2BK4d4uZoANMvLpOncP2OA%2FGZ%2FVCUKCx9a2aPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d42f948cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
carousel.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/misc/ 		1021 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/misc/carousel.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d1d3673c86b1a9123ecbaa9a4a1686686b473d52484025ce3144a831cba6071
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/config.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFO2fBPjCWOUEAjGuH0rgmh2ZpT0NIDAm1xrjRAFRnR%2B%2BBMegoGdCy8I1WoBrJFqZTQus1H3CBBYadwfRVf0e6LFbiRzdOJQIVl1Iby22o%2F4lE3xSk6vgO%2F%2Br2v3jBVBebUDPA17Uak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d42f958cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
tabs.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/misc/ 		533 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/misc/tabs.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4611c657652d0a2d8ed994dfb79a7a25aa0f88115f7071d82a4579adf201a485
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/config.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKuR5QMaWDpb91wa3GXfbtMW8lqB99qfZ98YGyH7wLQf1xUwXsT00V1SlpqQ0ro7RClhgV26nQCdWln%2FC7kXySwnzVP0L9SAt2EJFfNW3jM0jO5XiH7FcZaSJj5z%2BELyPBUgKvrAWxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d42f978cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
/
qw.jinghuashuiyao.xyz/api/log/dw/ 		30 B
917 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/api/log/dw/
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/log.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05817eec44bc80fdde558b15bf0508294ab4493257de9478ad44cae5f41a9f47
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
30
x-server-timing
0.00240
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmUkh9B7TBXIdtSj%2B6ve2BNwCfnhRn%2FN%2BJYnQ9itpgdhMtLILg6zRVxl4csIwGzU84TbCMf0HABu3IzokWdbq%2F4OiHs3SpjBnXDYXj8aWkde69BNjs1ujH0Veejr%2FNAYDsDsDZTNQ8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, max-age=0, must-revalidate
cf-ray
824bc0d42f988cc8-EWR
access-control-allow-headers
Content-Type
expires
-1
/
www.medtargetsystem.com/beacon/portal/ Frame 17DF 		432 B
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
Requested by
Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/javascript/beacon.js?1699760422964
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-222.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash
bee39f9d832a241f2d48f7c48f31dd2b270b75ae1c5cdff370b32ebea8216928

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
293
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 03:40:23 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
Apache/2.4.7 (Ubuntu)
vary
X-Forwarded-Proto,Accept-Encoding
x-powered-by
PHP/7.0.19-1+deb.sury.org~trusty+2
x-robots-tag
noindex
collect.gif
www.medtargetsystem.com/analytics/ 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medtargetsystem.com/analytics/collect.gif?e=1&aid=&vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&sid=06a872a8-6054-4147-b772-561c7b055fce&vh=1&vt=1699760423&pt=1699760423&u=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&r=&t=Drugs.com%20-%20Prescription%20Drug%20Information&p=1610.60&pm=&ab=&ak=160-2655-D7D48E5B
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-222.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
server
Apache/2.4.7 (Ubuntu)
x-powered-by
PHP/7.0.19-1+deb.sury.org~trusty+2
vary
X-Forwarded-Proto
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
expires
0
tile-banner-fda.jpg
qw.jinghuashuiyao.xyz/img/home/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/home/tile-banner-fda.jpg
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
566e7d9dd5fa3c02b14b635aec3710d62bd06b1c5ada31a7b814cc62e1c0c403
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
9590
x-xss-protection
1; mode=block
last-modified
Fri, 28 Aug 2020 03:42:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AlL%2BPGxjlqQU7Amyq%2B1fTbZ8pOR2NxRdPiH2hVbT1xQqjQPzQ6V8RtYaumyCyN7qTEuLmFZN9Q6tEyeprCQqm41BGlJcayRFGAlRbeqV%2FXJVC%2FBmNPML%2Fq2IwajXZJOYD58mMmCWXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0d46fd08cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
tile-banner-new-drugs.jpg
qw.jinghuashuiyao.xyz/img/home/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qw.jinghuashuiyao.xyz/img/home/tile-banner-new-drugs.jpg
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e38538f00bfc2ce1d678ccae963e6005b2a832fe14fb77b882388fe5ca5793a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
9319
x-xss-protection
1; mode=block
last-modified
Fri, 28 Aug 2020 03:42:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KW0Gp80E%2FFj7tK7IkmFf0m%2B0KmE%2Ftu23oQF5D1yKAc7VETemNbRHlxUe7HGrm1VrsyAZIuJIcsXFtlU4RhDXvktGxe4rs8Jua4X5zeuhZM7YpirNECXzwEnTq2GJa5RCEjUz5xpmRCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824bc0d46fd18cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
origin.jpg
gumlet.assettype.com/healthday/import/23626551/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gumlet.assettype.com/healthday/import/23626551/origin.jpg?w=1920&h=1080&mode=crop&crop=focalpoint?resize=320:240
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.27.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f53c60ef8be6f024b095b7a29afb986feee3454ce153b9c6e86d939023bd350e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
10543
cf-resized
internal=ok/h q=0 n=30+144 c=1+339 v=2023.9.8 l=10543
last-modified
Tue, 27 Jun 2023 09:30:33 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfpoPEmQdCrkNL5c825kZQNVNYGYhninLN_tnqR12-DQ:7a6332293bbe3b85a7b708ce74e56f68"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform, s-maxage=31104000
accept-ranges
bytes
cf-ray
824bc0d679310fa4-EWR
hd116033.jpg
www.drugs.com/images/hdi/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.drugs.com/images/hdi/hd116033.jpg
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.67.4.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-67-4-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
734a70a732e64363af59212d72b9fa2134e30cd20f9d53396e931359c5b85be2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
last-modified
Sat, 11 Nov 2023 14:05:04 GMT
server
AkamaiNetStorage
etag
"8a3b1ba561eeb9fe9f85751511ac23d2:1699711504.045531"
content-type
image/jpeg
accept-ranges
bytes
content-length
82007
x-xss-protection
1; mode=block
hd116032.jpg
www.drugs.com/images/hdi/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.drugs.com/images/hdi/hd116032.jpg
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.67.4.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-67-4-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
44bf16996f8ea27d0bf7445853ab7d2c0cbf8f08ec3e6b296e97743d83f4a2ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
last-modified
Fri, 10 Nov 2023 17:55:03 GMT
server
AkamaiNetStorage
etag
"ad5fe806195935eab4f9dae601a38c85:1699638903.953593"
content-type
image/jpeg
accept-ranges
bytes
content-length
86293
x-xss-protection
1; mode=block
insync
thrtle.com/
Redirect Chain
  • https://bidder.doceree.com/v1/init?id=a1ec879a-0388-478b-9237-9d058d8abc70
  • https://thrtle.com/insync?vxii_pid=10069&vxii_pdid=a1ec879a-0388-478b-9237-9d058d8abc70
  • https://thrtle.com/insync?vxii_pdid=a1ec879a-0388-478b-9237-9d058d8abc70&vxii_pid=12&vxii_pid1=10069&vxii_rcid=8789e084-ccab-4c8b-b79b-ce4cb0003739
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=a1ec879a-0388-478b-9237-9d058d8abc70&vxii_pid=12&vxii_pid1=10069&vxii_rcid=8789e084-ccab-4c8b-b79b-ce4cb0003739
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
23.23.163.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-163-185.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 12 Nov 2023 03:40:23 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?vxii_pdid=a1ec879a-0388-478b-9237-9d058d8abc70&vxii_pid=12&vxii_pid1=10069&vxii_rcid=8789e084-ccab-4c8b-b79b-ce4cb0003739
date
Sun, 12 Nov 2023 03:40:23 GMT
content-type
text/html; charset=utf-8
content-length
182
p3p
CP="NOI OUR BUS UNI COM NAV"
logger.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/logger.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd7e2ab52b63b70196a071cf307ea2ffe7db4600c5d8fff52462f0c4f6f367e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/tracker.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtiU5duQ3dBO0xCOfB3GWIm%2B%2Fc2I1jCFHbj5ALs9AOveC4v1q3YqlcI3b0WJMuESsRgA%2Be1jNs5%2BF7aBvr9LdDIXqu5MWzEGgGQqENOdi9QgqKbLd9q7gEjWKZWyMeWjLCFhq97iIeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d589338cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
encrypt.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/encrypt.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f946a259264a9bd695333cef2d44623d16fc37f1b75bd5a4291bbea807c381d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/tracker.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WM132LALBL4nUnOpycH4twr6W1MvHVZVF%2F1qgk1eau%2FAhmxaPGqDWBs6%2BbXl2d8rEpR7D9QK%2FoCJWLpZ3Itzx4ZBrtmCvr1JxneGoFoHNag2SqzjYln2hdrPIxYGwRlShwTeYqg7u%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d589348cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
builder.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/builder.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
429c156d5d150e5566bf354862140ec4560fc502590925f9ac723134784cb391
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/injection.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKUyEcKc7A%2FeWuSCsSb6nt3X7lhHXIbMGcLsa0vR%2Fr0Yg29q4vkciO2dsuWzyBKptLUWLduJFe4HqU75LdwbyJlQGM9yS8Ox%2F%2BIX2WTw8jVVUfeqWoYStxELP5rAjAXm35xe4iGsQBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d589378cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
header-bidding.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/header-bidding.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3537d60bb6a0b98aa78020257cf125782e5dee5b574a8a011004d47b4dd2927b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/display.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2MW7Ud0QEFJCwX%2FB1W%2FGz64%2B1LhWq%2Fl%2BMC2N8oHAgfaOCa61IWXlKFwA5eXh8rIr8L0nC34Xf50zEQlK11cgujXNFEmZxC6hEwUQ4GHzcjYn5rwrUh%2BXLFVVqB%2FW1sM%2Bfil8CP3%2FQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d5a9498cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
layout.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		885 B
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/layout.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3dc179d84cb4d2a21efec8ef40d82909db25639ddda3cfa65249f6b0d1e1461
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/display.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7lXhd9w5RrOzhI%2FidzjT76Iqw1eDMcQE4ZRFgwKEhlyNZRNqAi7vCnuX95eB1VpAUn5gjX%2BhTAy4T6BfmnHp6x37Scukm7D9rCXk%2FN1FyBN%2F4qn5mH92guJKbH%2BY98U%2Bzg6pghMwRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d5a94b8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
refresh.js
qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/refresh.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fbff0f47a646cd53cc5c4db6678fdeee4ad01a9cfe3a09b21caf1f311d0d1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/ads/display.js
Origin
https://qw.jinghuashuiyao.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2023 01:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KenjeGJ6oA32rlx7ktntvpHfFVRyaPEmDneyKVuBOiG1M93oJEgPcWsjBKeIweQlO6S3mo4Jzzp9ROmrp30xFDkDgQ6HolNF%2F2DkbwSuGc%2FbzNJ33yFd64m2k19tyLt%2FYXkGoQ60g6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824bc0d5a94c8cc8-EWR
expires
Sun, 12 Nov 2023 03:41:23 GMT
65864
i6.liadm.com/s/
Redirect Chain
  • https://bidder.doceree.com/v1/initliveintent?id=a1ec879a-0388-478b-9237-9d058d8abc70
  • https://i.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70
  • https://i.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70&_li_chk=true&previous_uuid=37a8c340c527456bba7dbf5ac823c3bf
  • https://i6.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
52.206.230.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-230-220.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:23 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/65864?bidder_id=246430&bidder_uuid=a1ec879a-0388-478b-9237-9d058d8abc70
Date
Sun, 12 Nov 2023 03:40:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
signal.js
www.medtargetsystem.com/js/build/iframe/ Frame 17DF 		104 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medtargetsystem.com/js/build/iframe/signal.js?30&partners=
Requested by
Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-222.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
e3771fa15f4d3c687eacf64bf959a2049bbb3dfa58e47e148176720dd2dfbc67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 16:22:29 GMT
server
Apache/2.4.7 (Ubuntu)
etag
"1a1d3-5edacfed3bb40-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
29346
fp.js
www.medtargetsystem.com/js/build/iframe/ Frame 17DF 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medtargetsystem.com/js/build/iframe/fp.js?30
Requested by
Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-222.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
85264f584684170d9e8c1276e07af53e3fa24dfb099f6d57aad5814082b04305

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 16:20:49 GMT
server
Apache/2.4.7 (Ubuntu)
etag
"15d5a-5edacf8ddda40-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
20459
_itu.png
www.medtargetsystem.com/ Frame 17DF 		89 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medtargetsystem.com/_itu.png
Requested by
Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-222.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash
2023d33cdcbc92384e340071f2f3a3ccbbd62712f938b15cf1fe823f93cbca59

Request headers

Referer
https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
Origin
https://www.medtargetsystem.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
private
date
Sun, 12 Nov 2023 03:40:23 GMT
server
Apache/2.4.7 (Ubuntu)
x-powered-by
PHP/7.0.19-1+deb.sury.org~trusty+2
vary
X-Forwarded-Proto
content-type
image/png
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-transform, max-age=0, must-revalidate, private
content-length
89
expires
-1
/
www.medtargetsystem.com/beacon/process/ Frame 17DF 		60 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.medtargetsystem.com/beacon/process/
Requested by
Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/js/build/iframe/fp.js?30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.89.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-89-222.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash
5ba572ae6b4c4582da79bf2aa5d152a55cb3c1df71d81ac67b3354075b090ed7

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&_sid=06a872a8-6054-4147-b772-561c7b055fce&_vid=cf85595a-b76e-4a66-b68b-8cc67817b44c&_ak=160-2655-D7D48E5B&_flash=false&_th=1699760423|1699760423|1
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
server
Apache/2.4.7 (Ubuntu)
x-powered-by
PHP/7.0.19-1+deb.sury.org~trusty+2
vary
X-Forwarded-Proto
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex
content-length
60
cookie_sync
prebid-server.rubiconproject.com/ 		2 KB
797 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
57e397e034488b0a7258937098d406853e48c2a1b1e55ed04a883a78ce9e35df

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
519
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		335 B
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
bcbb2b9107029458f0760edfdf3c777e4b9226753ea82500373d6ee37dd6e1ce

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.2.0
Content-Type
application/json
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
274
Expires
0
ortb
bid.contextweb.com/header/ 		0
802 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
cwdl
22/139,22/139
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cw-server
bid-deployment-7b7f66c455-76cv2
auction
tlx.3lift.com/header/ 		19 B
547 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&tmax=900
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.6.167.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-167-249.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		495 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13482&site_id=57826&zone_id=1397478&size_id=15&eid_pubcid.org=37245b9a-c3e8-476c-8306-d3e1517eac51%5E1&rf=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&tg_i.domain=qw.jinghuashuiyao.xyz&tg_i.page=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&tg_i.ugc=0&tg_i.rc=0&tg_i.c1=354ac345fd8c6d7ef634d9a8e3d47b83&tg_i.pdt=0&tg_i.aupname=%2F7146%2F.*%26uid%3Dd-mrec-1&tg_i.pbadslot=%2F7146%2Fhomepage&tk_flint=dmpbjs_v8.17.0&x_source.tid=e0659fef-f4d3-4fe6-949e-7044b7eb6adb&l_pb_bid_id=9b8f492a1c331e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d4eea1e8-d65e-4a53-8a3b-a9180004c844&rp_maxbids=1&p_gpid=%2F7146%2Fhomepage&slots=1&rand=0.5745873703710496
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ea86c6cc46bed2cafa4ea4aa8ea822108328cde06f20e57f2d145ba5260145e0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
495
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
delta.adprime.com/ 		2 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://delta.adprime.com/pbjs
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.89 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
transtyle.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://qw.jinghuashuiyao.xyz
Date
Sun, 12 Nov 2023 03:40:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
request
trc.lhmos.com/prebid/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://trc.lhmos.com/prebid/request?auctionStart=1699760423568&url=https%253A%252F%252Fqw.jinghuashuiyao.xyz%252F&bidderRequestId=125533a0d5a030d&adUnitCode=display...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftrc.lhmos.com%2Fprebid%2Frequest%3FauctionStart%3D1699760423568%26url%3Dhttps%25253A%25252F%25252Fqw.jinghuashuiyao.xyz%25252F%26bidderRequ...
  • https://trc.lhmos.com/prebid/request?auctionStart=1699760423568&url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&bidderRequestId=125533a0d5a030d&adUnitCode=display-ad-1&auctionId=e0659fef-f4d3-4fe6-949e-...
445 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.lhmos.com/prebid/request?auctionStart=1699760423568&url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&bidderRequestId=125533a0d5a030d&adUnitCode=display-ad-1&auctionId=e0659fef-f4d3-4fe6-949e-7044b7eb6adb&bidId=13fcd35867ef007&transactionId=d4eea1e8-d65e-4a53-8a3b-a9180004c844&device=%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22width%22%3A1600%2C%22height%22%3A1200%2C%22browserLanguage%22%3A%22en-US%22%7D&sizes=300,250&aimXR=null&uid=7951105042517337080&params={%22sizes%22:[[300,250],[300,600]],%22adUnitId%22:%222459%22}&crumbs=undefined&prebidVersion=8.17.0&version=3&coppa=0&ccpa=undefined
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
34.102.246.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
198.246.102.34.bc.googleusercontent.com
Software
/
Resource Hash
953291d59992873aecd4cd61074ca0b45d1467373916775a1bca84362ce88f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
null
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-frame-options
DENY
access-control-allow-headers
x-requested-with
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
an-x-request-uuid
328afccc-4c9e-4bd7-8ec3-45ddcf4f1083
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://trc.lhmos.com/prebid/request?auctionStart=1699760423568&url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&bidderRequestId=125533a0d5a030d&adUnitCode=display-ad-1&auctionId=e0659fef-f4d3-4fe6-949e-7044b7eb6adb&bidId=13fcd35867ef007&transactionId=d4eea1e8-d65e-4a53-8a3b-a9180004c844&device=%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22width%22%3A1600%2C%22height%22%3A1200%2C%22browserLanguage%22%3A%22en-US%22%7D&sizes=300,250&aimXR=null&uid=7951105042517337080&params={"sizes":[[300,250],[300,600]],"adUnitId":"2459"}&crumbs=undefined&prebidVersion=8.17.0&version=3&coppa=0&ccpa=undefined
x-proxy-origin
5.181.234.134; 5.181.234.134; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=497899
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c51e8021a39cec5fbf5c81f9d225f4b4fff3c0497caeadef6160f8b2d4dab5f

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dwsid8yHjnSawWEBF%2Fs5G9hg%2B5k9UsAyM9rl31u5i2qxfLLoGUcYowk5sV%2FbVkJU6p%2BW%2BzAow4e0HF1c8%2FY7j1IP3Rri4HP5FMIpBojE7vtwngWoMZGLJkoSHvNe%2F7%2F9R%2FTw4XA1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
824bc0d8c81242ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
prebid.media.net/rtb/ 		338 B
755 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUCS6QV3
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
15fe7bce6923d72d971945bd9540dade79c0d3ef1d3b50dfe17414ce77b076c0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Nov 2023 03:40:23 GMT
auction
pbs.nextmillmedia.com/openrtb2/ 		0
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.169.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-169-166.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
x-prebid
pbs-go/41.55.0
vary
Origin
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
adrequest
bidder.doceree.com/v1/ 		637 B
829 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.doceree.com/v1/adrequest?id=DOC_5t60klgf3q5ig&pubRequestedURL=undefined&loggedInUser=JTdCJTIyaGFzaGVkRW1haWwlMjIlM0ElMjIlMjIlMkMlMjJoYXNoZWROUEklMjIlM0ElMjIlMjIlMkMlMjJoYXNoZWRHTUMlMjIlM0ElMjIlMjIlMkMlMjJzcGVjaWFsaXphdGlvbiUyMiUzQSUyMiUyMiU3RA%3D%3D&prebidjs=true&requestId=223a2efbcd54ae7&
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.242.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-242-36.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
bef87c02c246ac2790fe69c985f7747c57d2a7b47721cc0fb6e536e36cc13d16

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://qw.jinghuashuiyao.xyz
date
Sun, 12 Nov 2023 03:40:23 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
637
vary
Accept-Encoding
content-type
application/json
adrequest
bidder.doceree.com/v1/ 		637 B
829 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.doceree.com/v1/adrequest?id=DOC_4bks5klgfafepu&pubRequestedURL=undefined&loggedInUser=JTdCJTIyaGFzaGVkRW1haWwlMjIlM0ElMjIlMjIlMkMlMjJoYXNoZWROUEklMjIlM0ElMjIlMjIlMkMlMjJoYXNoZWRHTUMlMjIlM0ElMjIlMjIlMkMlMjJzcGVjaWFsaXphdGlvbiUyMiUzQSUyMiUyMiU3RA%3D%3D&prebidjs=true&requestId=235bedbe50a0f5a&
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.242.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-242-36.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
8804cf6c6fe16415f9c632483b7ba942d9cf6528a81faaac5c45631d47ef0d75

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://qw.jinghuashuiyao.xyz
date
Sun, 12 Nov 2023 03:40:23 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
637
vary
Accept-Encoding
content-type
application/json
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
306 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=882502
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c34644217dd611984ea41a320538b8b733034b46bfd20140a43e6cbafca11bf

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL4u5jJhN1OAXN1Ym0ryHpiVEoFmwt5bVqVPcpWq219RVqJTHy7qDjGzd2vb8jfZ63PzaEfrWMwDG%2BpgB6WHaxlkBPxYpbRhqd1GleTcrUR6OaykEi1R897C0vjsdtj1R6mVWOpX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
824bc0d8c81542ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ 		1010 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.119.114 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip114.ip-147-135-119.us
Software
/
Resource Hash
154a0afe21a85b35aa5212399c2e830014aa8dd2121bc054d2b1d483ff3981ac

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:23 GMT
an-x-request-uuid
665d91bf-eb1e-44e0-97a3-1468f4d171e0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.134; 5.181.234.134; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
435 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.71.198.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-198-74.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
19c2a7ee0e630d3606f6b8b8de615420c28d7a79d2d4196e5bbc897b5379ca0e

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 12 Nov 2023 03:40:23 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=8330
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=13482&us_privacy=&gpp_sid=&gpp=
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=13482&uid=LOUXGXA5-B-CIIH
86 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=13482&uid=LOUXGXA5-B-CIIH
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=13482&uid=LOUXGXA5-B-CIIH
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=8330
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3313089668440626&correlator=1448004750804874&eid=31067357%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=7146%2Chomepage&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699760424074&lmt=1699760424&adxs=216&adys=1668&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&vis=1&psz=302x262&msz=302x262&fws=0&ohw=0&ga_vid=1469202067.1699760424&ga_sid=1699760424&ga_hid=1209387501&ga_fc=false&dlt=1699760422098&idt=670&prev_scp=uid%3Dd-mrec-1%26prebid%3D1%26size%3D300x250%26tier%3Dstatic%26loading%3Deager%26position%3D1&cust_params=ugc%3D0%26rc%3D0%26c1%3D4046%26pdt%3D0&adks=798153990&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
4f6c14652d27a6649bdddb19fbca07c59e88bba1bb08cc1edbd8dd7ac9241e11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12715
x-xss-protection
0
google-lineitem-id
57380198
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452672605
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0f0772501ba38c43d1ce8092e0d1d020.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D0F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f0772501ba38c43d1ce8092e0d1d020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 03:40:24 GMT
expires
Mon, 11 Nov 2024 03:40:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync.php
ssp.api.tappx.com/cs/ Frame 25CE 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 494E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6HIf8m9ltkN77WpqBo7VVa8syLEveqwkAuCGP0sQTJDYCEkHmvf-Tju0BDH59ckzE0rEWybEfSDG4mC0sSN4KMqllq6qIS3hLIykIe9FGCVWgBd_m-TNUnEK3e_Niic0LEYRwPoyL8VZ6bFhzyPssWR5KGrtETn4Oiy5HqtI-rNy9LQBjq_b8QMOTf5CAfVFxSw-qpefseRL5gQ7YKc2kOMck_5DERi1CMgeoAajIrNw3hKeNSkjhTXG3hWpyVfbQ_2Eg2K1TbUOW8QOTMyfOsJEgZDc_yezIa1ArmaoIuzQMY_L7xkijss78L7bIYo0V_9BGGKC886RGxfv8_h2_9VJoTo4&sai=AMfl-YRvi3dbiXhmmlBIrGiOHnX6qaoFDO4qsadNI0m2vDpP58mDVvjntjPGsp4j000XDkXqPpcVWd3zLUpkPfhGXb5gZSLNE9RWctbkWEoMmvNy4jZvrE_9FNIDpUiX_LnFn6L00GFLvmID76UlnyBqMRU&sig=Cg0ArKJSzBLvcaADweYBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 03:40:24 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 494E 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b29f6e42e34899f35354677572a0f96a0219aaeee6491d8a796a2e55b9f100d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10190
x-xss-protection
0
server
cafe
etag
15048830796185513269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 03:40:24 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 494E 		199 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 03:40:24 GMT
pixel
protected-by.clarium.io/ Frame 494E 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_VUVXZURraHpkSE9tc3JXaHZ2NFpCT3M4dnk0LzIwNDEyNDgzODozMDB4MjUw&v=5&s=v31hf0prhhu&id=eyJkZnAiOnsiYWQiOjEyMzM2NzU4LCJjIjoxMzg0NTI2NzI2MDUsImwiOjU3MzgwMTk4LCJvIjoyMDQxMjQ4MzgsIkEiOiIvNzE0Ni9ob21lcGFnZSIsInkiOjAsImNvIjowLCJzIjoiZGlzcGxheS1hZC0xIn19&cb=8732999&h=qw.jinghuashuiyao.xyz&d=eyJ3aCI6IlZVVlhaVVJyYUhwa1NFOXRjM0pYYUhaMk5GcENUM000ZG5rMEx6SXdOREV5TkRnek9Eb3pNREI0TWpVdyIsIndkIjp7Im8iOjIwNDEyNDgzOCwidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.44.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-44-14.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:24 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 494E 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2918294956f940c1597da06736bd9d4d7ed30854692a5bbc6f62cedb14ed3c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52741
x-xss-protection
0
server
cafe
etag
5978861828396073695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 03:40:24 GMT
truncated
/ Frame 494E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97e3f8c4fd789a1d66508457b8dee8c8057de37e5ac2dd265c4e58288b83a227

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ Frame 494E 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2da8919315fb8aa3ad2df275ce013efdaa08f1e4cf7638947de21e83f863ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138372
x-xss-protection
0
server
cafe
etag
17332032291456235338
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 03:40:24 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame 399F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
36952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 17:24:32 GMT
etag
16674218716276178799
expires
Sat, 25 Nov 2023 17:24:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7DAA 		76 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9684535497c9f8d85b3d42198a55a330e4dec2422fd16181b77ddc20dc0fe22d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
31448
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 03:40:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.14.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-14-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 12 Nov 2023 03:40:25 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.14.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-14-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://qw.jinghuashuiyao.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 12 Nov 2023 03:40:25 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
prbds2s
rtb.gumgum.com/usync/ Frame 389A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.159.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-159-2.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f950b1273fa3d3aefd95c79cea8f6b372c662fc96c163d960cff78cc23d0ddbd

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 12 Nov 2023 03:40:25 GMT
etag
W/"020db147d97cdcf00c9ae978624965e3c"
server
nginx
timing-allow-origin
*
/
qw.jinghuashuiyao.xyz/api/log/ads/ 		30 B
844 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qw.jinghuashuiyao.xyz/api/log/ads/
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f257562e98da1043dd24551ce9f41f0851d211e7979b65b4d4bcf69776423ccb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-Client-Date
Sun, 12 Nov 2023 03:40:25 GMT
Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 Nov 2023 03:40:25 GMT
content-security-policy
frame-ancestors 'self' https://tpc.googlesyndication.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
30
x-server-timing
0.00022
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FSFelx8%2B03gZtZU1OLiq5AguiahzaWzTh5rCoMK3J17DEcpMLPrk6ifZcb4CrzbMxrWGSLh7H1oJ%2FHZWr%2BOZTEZ4PxAJk3GXMUVc5rmc7wBNAd%2FX3CVZOORxblqBIs2cn8Ta9ZVHt3%2FSTgGkpKXVtp45zY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, max-age=0, must-revalidate
cf-ray
824bc0e3be628cb7-EWR
access-control-allow-headers
Content-Type
expires
-1
style_banner_6df7b6.css
cdn.mediago.io/js/template/style/ Frame 7DAA 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/template/style/style_banner_6df7b6.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-117.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c97b291f30dafec3877840f45e38fc5040760d5d48054ec301860db2f47abef

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
C1RTuJb0W8nqOWn6puCvq29BVn6V0227
date
Sat, 11 Nov 2023 05:48:37 GMT
via
1.1 fd4c476aa3616f643565cbbf3a891a78.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 13:31:37 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
78710
x-amz-server-side-encryption
AES256
etag
"c4080f016cac23105aef6b32b2ee7565"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1667
x-amz-cf-id
wkhzCOBjfcMODZsygFWj3euTKDkgR0ksTltNymnsm96uuzRfNvRMJA==
86aba9e2800e5cb45023cf9dc4904e0e__scv1__300x175.png
images.mediago.io/ML/ Frame 7DAA 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.mediago.io/ML/86aba9e2800e5cb45023cf9dc4904e0e__scv1__300x175.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6e25cd0705ed881fa8995f3884f919bfb1b8ab59f6fafabf08c7d9959dfa6f27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:28:02 GMT
via
1.1 google
age
743
x-guploader-uploadid
ABPtcPpmFqekEknRplaUKX26GkOkLV0b5dQAyNnQJGcpwHuPI72LhP9lrnIQEQkaSa-yb5ZN2r6JQkLfP968o4K0eSDleQVxzePK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101494
last-modified
Thu, 31 Aug 2023 19:38:47 GMT
server
UploadServer
etag
"2a1f7cceb8f0997021aac22e185cf051"
x-goog-generation
1693510727896454
x-goog-hash
crc32c=JteamA==, md5=Kh98zrjwmXAhqsIuGFzwUQ==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
101494
accept-ranges
bytes
aa.js
q.adrta.com/s/bdu/ Frame 7DAA 		912 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/bdu/aa.js?cb=990263295ea28c4c6a371c44d94d838e
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.123.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-123-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
53440d1a23f6042f7f5e6f7a015cca9f08c253f23e8cb85dbccc1c732942ea57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Nov 2023 03:40:25 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7DAA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 09:59:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
63682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 09:59:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7DAA 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 09:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
63684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 09:59:01 GMT
l
www.google.com/ads/measurement/ Frame 7DAA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQl2jYbylvmW3LqjmFu3neKa_dwzHNGvVGV95S7WV8QHTA150cuS3uuhsVjitUc_q_EQOU8LbJCEDzi-438ImnO5YEsVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7DAA 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 03:40:25 GMT
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7951105042517337080
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7951105042517337080
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:25 GMT
an-x-request-uuid
7e16f1bc-3140-4bf2-ad88-d12949054abe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7951105042517337080
x-proxy-origin
5.181.234.134; 5.181.234.134; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_e794f4a3-a55a-4747-9006-94aff851980e&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_e794f4a3-a55a-4747-9006-94aff851980e&gdpr=&gdpr_consent=&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=f8c9c27c-3f1e-4d84-81f6-a047fb3eba5c&expires=3&user_group=1&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=a3fb7e16-b77a-4e84-b084-025e9b594d45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=a3fb7e16-b77a-4e84-b084-025e9b594d45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 12 Nov 2023 03:40:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=a3fb7e16-b77a-4e84-b084-025e9b594d45
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Date
Sun, 12 Nov 2023 03:40:25 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-wVS_879E2pdaVr1ZP5mo8UZ7F_wbr4U1E2bL~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-wVS_879E2pdaVr1ZP5mo8UZ7F_wbr4U1E2bL~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 12 Nov 2023 03:40:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-wVS_879E2pdaVr1ZP5mo8UZ7F_wbr4U1E2bL~A
content-length
0
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=8392f24d-0ada-490b-952e-a47ef9697103
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=8392f24d-0ada-490b-952e-a47ef9697103
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=8392f24d-0ada-490b-952e-a47ef9697103
Date
Sun, 12 Nov 2023 03:40:26 GMT
Connection
keep-alive
X-CI-RTID
d8a6a87c-0a61-4520-9d69-ae3e10e94020
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 389A 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:25 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_e794f4a3-a55a-4747-9006-94aff851980e&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_e794f4a3-a55a-4747-9006-94aff851980e&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=-yMsTCpHscGH03KPptyz
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=-yMsTCpHscGH03KPptyz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=-yMsTCpHscGH03KPptyz
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=c4oQ0PzSADVr&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=c4oQ0PzSADVr&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=c4oQ0PzSADVr&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1
usersync
usersync.gumgum.com/ Frame 389A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4345599828454128829
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4345599828454128829
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4345599828454128829
date
Sun, 12 Nov 2023 03:40:25 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 389A 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=u_e794f4a3-a55a-4747-9006-94aff851980e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
usersync
rtb.gumgum.com/ Frame 9F69
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=3604944725766803850&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=3604944725766803850&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.159.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-159-2.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 12 Nov 2023 03:40:26 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 12 Nov 2023 03:40:26 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=3604944725766803850&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 277E 		170 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9lNzk0ZjRhMy1hNTVhLTQ3NDctOTAwNi05NGFmZjg1MTk4MGU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 03:40:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F5A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.48.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-228.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92753
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 12 Nov 2023 03:40:26 GMT
expires
Mon, 13 Nov 2023 05:26:19 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6B84
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=59101c9a-21ec-4bd8-91fa-67f15008d9f8
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=59101c9a-21ec-4bd8-91fa-67f15008d9f8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 12 Nov 2023 03:40:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sun, 12 Nov 2023 03:40:26 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=59101c9a-21ec-4bd8-91fa-67f15008d9f8
server
Kestrel
usersync
usersync.gumgum.com/ Frame EA06
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVBJKsCo5ukAAMZ9xLkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVBJKsCo5ukAAMZ9xLkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 12 Nov 2023 03:40:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 12 Nov 2023 03:40:26 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVBJKsCo5ukAAMZ9xLkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40285.dc2p.scaleout.jp
X-SO-IP
5.181.234.134
X-SO-Key
ZVBJKsCo5ukAAMZ9xLkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"5.181.234.134","key":"ZVBJKsCo5ukAAMZ9xLkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40285"}
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40285
usersync
usersync.gumgum.com/ Frame 6F22
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=8iQJo75xKHHZcSBtPQec&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=8iQJo75xKHHZcSBtPQec&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 12 Nov 2023 03:40:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 12 Nov 2023 03:40:26 GMT Sun, 12 Nov 2023 03:40:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=8iQJo75xKHHZcSBtPQec&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.253.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-253-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Nov 2023 03:40:26 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 12 Nov 2023 03:40:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F5A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17281545&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0cce65a7af35d9c1d116c51fb373b28a71e35d735e3d7adf3f87c45dd037c965

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 03:40:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ic
trace.mediago.io/ju/ Frame 7DAA 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=3ffd5868576339b8a5c3d0f060cfed82&acid=536&data=84fAr8f_VrrgzikLvV8NSDM5_kriVa3z4pukQZiYFbsXwEa3NCOjoGqbhqEXH4bodpnRiq-y4N6dGZFi1nAIwmBkx7SS99sd_1XQYv0KObmS3Mj9NUURB0Wb-CcYFm_Vkhu_wlSxFN-34JncRhS_mDRcjr84fTAff9sXl1r3kFoXv00XPynaXo5jrPdgpQkQUVzhPO-YXGzeoHTXA6oUO7qOAidBr1CJoXAdzZZQhFs5DZgykkMRVxN7S0XuHgSMmjae8kRGSZD-_85HQEzRLtQ2gdM5Gp0-y2dQ1pdbMFUWcqrocYzBavoqEws7eBF1DtHjZeLbt--h5mr-0QA4dSOUny5Fh7YXcL5fd2g5DDMRAYn63bUrpi75JC2gVYDMq6-2XayVHsy95ix103fiU_TiMQnAxfyALEV3UOL5s48n2pj4_eJuSYsWkK8Z6DzPmg9Dly99oiIXBCIou1tGxjqQQ91imsycxIK6VpHgoW6O5IB2LHnWNmdVjhzP2_eprYhmNXHwcjOyQINrMhVeh9g47BplaK6pp-ccia4PV1aWo4Hc6UP9yk1z8CLunklgt6Kj_a17Y_m7pJKfV4kt3e_9GnTfOYvicQeTDsWUoe-5GDUVtXSovc18waCtcF1fkcHMqMZMEBYQwbeBIFEJFhd53F4EG6u5MZTYnuWj3RcCdwW70TiW607Yk9q_panUhbCnixYtaRpski2QKpj0LfYdpcUFMmDHamujwy5x2GCz2mDl-i7xpDP4kK6KxLsdmc0yNf_7wYGbEC-aEombGrYv-DYE-cQrVAvJJgJRt40i81qih39xsQRh6tKllL5RzHJZ1feQSnmS8KuuXqOGqXxHL1gnh0WOMJWCa22ryAJVDuiI1jQJ5EPj402uvJbGvwDpZmwei4m3V1nw8jK1j8f3BedCW82X_QOOd6b34Qyrdlx63sH--s_G9cyvOMKgk7w0TuWHvPNPCNtqSAChDm-eA80BwbkwxlLXksH5rduG1HpyvTN3iTUDNhRY88cpScdT5hSe70hkF0Qjkg1x-swJkMntZm3pJY8Ex2__LUmZWHJsHVr7RjXKijW2vNMwhme96-sx4xEr2S2RMvlF60SzZS5xyeHlT1jQXC4zYATz9hvXV919nKYvYA6rUAe0QUIy48nxmo6c0Hmx2IpSDWtHtwgRj4hFqSDjaAMNmZluLuTMP_WqK8D6pQbcbskPtSZA13b8zyqh0NQUlDYe6NQ2iHo-ClyK9spAVEzZRFZQryPcisZGCpen59dU-vYCrx8-gY9UD8V4mjTE-b0Qg-lifeSsu6H8Dz4mUHhdhtw6lGA9V44jRFQiR-kFwmowFFwpZDzMRoQn1X8PMOo4RwvSqzoWO70bDc-Cxw1pKHjrAHfBRxFaojg4oRprG5NMqpsyhQQNGuFCb3ki1mMX9VlyfMhw6NYi0pEqQdirnqfYNpwhKn1_oUoxt3xrmSchbwMlX_pktpXhYS_0icoxeJUSxVAR99nRs3MHCdenyEnB8o1dLYamxkEOBuQZntcL9haejQHLeue-cbgpu61gnioiisNMDQtd3U-2h2arMRjCi2nFRo-MIZ1-LqLYlK4u&uid=CAESEN3GrqJ6xOb8ORF1CQkijfs&mguid=&ap={AUCTION_PRICE}&tid=72
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
r.js
q.adrta.com/s/bdu/ Frame 7DAA 		129 B
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/bdu/r.js?v=23.000&rcb=105624&cb=990263295ea28c4c6a371c44d94d838e
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/bdu/aa.js?cb=990263295ea28c4c6a371c44d94d838e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.123.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-123-12.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5f1b19c236565ac55d17b578c7e1dbec67a1a82d41c01bb463595ffbaacfff66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Nov 2023 03:40:26 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9089 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
73157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 07:21:09 GMT
etag
48472445140208031
expires
Sun, 12 Nov 2023 07:21:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1352
check.analytics.rlcdn.com/check/ 		25 B
385 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1352
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-17.ams54.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
via
1.1 6e44e48abc671a9155ea845c36f68920.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-amzn-trace-id
Root=1-6550492a-794152a3531f62950db5bb8e
x-amzn-requestid
036f2ef1-3bb6-43ac-912b-af5a4ea4a1bf
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
ORBeuHdtDoEElFw=
content-length
25
x-amz-cf-id
YioasHU7xsydpZbZKb10GgeswOGXUSFS6Hy4EzvRfQ5LRKpfKvQosQ==
truncated
/ Frame 7DAA 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0436218419138292754d5968a694c514eacf1751c04afaed3e30f5a9ca86a2d4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
dcm
s.amazon-adsystem.com/ Frame 1A0A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 12 Nov 2023 03:40:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2YWM1NVZ4TYGNQF5V1FQ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 12 Nov 2023 03:40:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
20YJEPS0M8FG10PNNCYS
Pug
image2.pubmatic.com/AdServer/ Frame EEA9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWWFVN0tvSklBQUJZNlNBSC1Fdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AADYaU7KoJIAABY6SAH-Ew&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADYaU7KoJIAABY6SAH-Ew&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4345599828454128829&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADYaU7KoJIAABY6SAH-Ew&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4345599828454128829%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4345599828454128829&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADYaU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYaU7KoJIAABY6SAH-Ew&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYaU7KoJIAABY6SAH-Ew&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 12 Nov 2023 03:40:26 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADYaU7KoJIAABY6SAH-Ew&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F7DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7951105042517337080&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7951105042517337080&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
97f77ef4-6da8-4dc2-8f2c-0de13d5e91be
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 03:40:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7951105042517337080&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
5.181.234.134; 5.181.234.134; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame AEAB 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=D73D9093-D4FA-4908-93A7-01F9CAFE2D97
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 12 Nov 2023 03:40:26 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1z2Qk9T6SQiTpwH5yv4tlw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
23.199.48.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-228.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=92753
accept-ranges
bytes
content-length
5606
expires
Mon, 13 Nov 2023 05:26:19 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 1F5A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D73D9093-D4FA-4908-93A7-01F9CAFE2D97
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dd1d3d63-2c54-42e7-8ac9-4dc323055116%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=dd1d3d63-2c54-42e7-8ac9-4dc323055116%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=dd1d3d63-2c54-42e7-8ac9-4dc323055116%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=dd1d3d63-2c54-42e7-8ac9-4dc323055116%2C%2C
date
Sun, 12 Nov 2023 03:40:26 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 1F5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20D73D9093-D4FA-4908-93A7-01F9CAFE2D97&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 1F5A
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDczRDkwOTMtRDRGQS00OTA4LTkzQTctMDFGOUNBRkUyRDk3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 11 Nov 2023 19:03:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM67FQZn8rHs_3PYH--VH4k&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM67FQZn8rHs_3PYH--VH4k&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM67FQZn8rHs_3PYH--VH4k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E8E1034CA8A4DDA81839A2628FF3ECF
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E8E1034CA8A4DDA81839A2628FF3ECF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 12 Nov 2023 03:40:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0E8E1034CA8A4DDA81839A2628FF3ECF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 11 Nov 2023 03:40:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=
42 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=
date
Sun, 12 Nov 2023 03:40:26 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJkrLzhE2uUp9tDHdwXhFd.DFYIBCOA-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJkrLzhE2uUp9tDHdwXhFd.DFYIBCOA-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJkrLzhE2uUp9tDHdwXhFd.DFYIBCOA-~A&gdpr=0
date
Sun, 12 Nov 2023 03:40:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
D73D9093-D4FA-4908-93A7-01F9CAFE2D97
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1F5A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D73D9093-D4FA-4908-93A7-01F9CAFE2D97?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:1404:5fed:fb6f:9150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2b9b8d5915f714fd&is_secure=true&networkId=17100&version=1&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHiu0Dtfg7QQMMQempAAAAAAA&expiration=1699846826&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&...
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHiu0Dtfg7QQMMQempAAAAAAA&expiration=1699846826&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHiu0Dtfg7QQMMQempAAAAAAA&expiration=1699846826&nuid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame 7BFF 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.253.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-253-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
64495d1b9a11f0bbf0601078753d0cea1f987dc62406ba5b5209339ecda7df91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:26 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 00:54:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76431
Connection
keep-alive
Content-Length
13280
Expires
Mon, 13 Nov 2023 00:54:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7DAA 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkaW6KElQZe2aO-q3nsEP5L-x4A-jprHLbIXIn6mtEMCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTM5NjQ4MTY3NDgyNjQ0NzjIAQmoAwHIAwKqBMkBT9CTYy1l-9sbdOUl15ircxR6YlucvLnN8fbZ4KJqVpa539ckv7G1p5d8bBJP60jiNQnYONPcG2fDgUdwSdlbT6h7c5TgL6kogB9RC-IMUkhtgJFBkSG2_vejkEzenF577rmKU75q4iLY_vVoR2PnlnRwMqILcgpmf49MHRB8Fn2FacZQFYArth8hY4VaAn1sOKcnsGKu25D4CCT2hoBMraow9QBIeosQ7ngdnA1Sn3xn4zsBhigUmU_VKZBwFNaZnJE-yhap6FhagAbAs8-ImsiJkZgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zOTY0ODE2NzQ4MjY0NDc4GAA&sigh=0uV1LPIUDH4&uach_m=[UACH]&cid=CAQSOwDICaaNoGD8h_vTSdZIP9tJKBly47tVTrvyy6BMnbN8QiS_JjAOD4WR94YS_LDbQ-htP_CjrW7kn8nEGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 03:40:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winnotice
trace.mediago.io/api/log/ Frame 7DAA 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=990263295ea28c4c6a371c44d94d838e&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1699760425&dp=QrCDZqYoXd4qPkBugRHUxL4SdgOsI_2GPCu-7GlWS7I&dsp_id=22&url=EDjh4HqmckD0ijurc8tFg3okJv9V1q9woqQ-L55Zx3KBdB6w_KJwSGFl21JUyLCzINmwzoVGCxrjhIowgh4DbRFJ6vQ7IlP_dDP65bZGpr_wisgYC4WAF34nE4tDPC7ItMxWaC9MUVPdkHxY7CW6-MJtNe8JtUpdx34Z-yFj_KkY1hHl2XD0Y_JZl5Xs6T9JSCvNwUOzFMOWf_ZD7xd-dK9eSs8i7oWa6lfNS3Mq7s3UXUzxKul6bcbTtCbspfWujSBRl7ew1hvcCz3iRi8JvPpjgnVGXO7ILuQrrmp5HMedFnErEK268E645oSf6h8e9uHj1wVmAisqH8Td52f8psu4Nk9tHDjIw6UXEhpJZ3U_BSRKnE85qv-YtY4Fhw6tHUVh69gPyzzUeB_Xu09NPgiDaPqFYH1loNV4oCJ5Mvz7lcXGOcTfY-wms6TG4mqComRs4SXNgTakyIOeuShTayx_KdVmmQmTukeeGJFhpquqUQKCgYWNcw7BlGPm5xq0L3tO9wvqBPBtKAB7rFpK1FhcY6gbIFZ9e4P767cJuyq4ziyNqhKP4LXRJ8FQLiw0gCnydSGVNnTjDCRbWcEs39OVR2vcCoPkb70X8cP5pYPbH-H1FpMQ_9DWS9_5fb40bTNsiuUlSlCuz2rfrnAOYXUO5kEr8_J7QTeFAZepEjMp1HR4yMfcYOR8vo9_yo2YiZ7_RLJNRfIMTTNslphTI80bAvKPVS_gQx0fP2a7JLcELtNcksHrc9n2thbasO8LYCrO0Pe_9u4UTva5OgjbS6TE-4xFP6VrwhIqkiPK2Jvc9_z8elSvJETdxEuEJwdqOfkkupKipCMbsIPA1dGc4c9cm5R66RRYxKTQNO0IFTSgkiZG5ZYdF6pQ45lbwaQ9q0ZqV3EyUvmGIod-mvULpgC3fszv2SIz5cCQD7nCi61YUgPyTQCzPdcwEzqGEbq7DhHhXbS2hM24fI8FjhZmc7zsxe6OerhVuQ9gcytdwUJSW0hBuCmGTgOX3N23DUOZ3d8FnLNVu3x7l8x8_vxMlhup-L_YbyNLdTybjkC0z142-mKulOVWGyiJFFHO1-R8DB9a9RPfiVogY2FDLOqxQbE4brbg-Mf9ETsjv9nI_SurPfETU4rvuJDRicasaUC8ePMWiChwrDBx-8QvJNkolKUGROW6G0siQZpBosjbvb3iEX5vli_jwuY6O2xLMFWnY_PAS_B2vhFfT3foOGAx5zeAaDJC9HXSQZhOWDJNCnXUKxKJB8nKfDt7uWvOfiZre0idrCpE9_rXM2DCWTNe3qmN8GiFXgMcbVXbzBfd4Na1E9CEM2jGdGHqh4xgTOF2J-9x3VaX5vAzon-oTb5aFVKKQzBGokj-L3PxPj8HWUipnlK-qMVeTSHdrXjsbeI6-prVRM6NWpj1Cyl47fTYK8FAPj1s1mbXms9XgrH6LodYTY9vGeWrBHmZ2XpG9uZ4Z-ksyVxU9ON2HxKEuZdJYqBoUxL14yLdQhAlnJIwSoLDUmq5kIiDWjz5REbPkXou6uhNPnnSTd07jtl5bPEc2HsoTHwaywD1TWwyb6BSzL0OUhSTEDx7r7HN2OVJn98pk0dssR0lpEXpAIaPlcFQvUbP8WY4pIhuym0gPHU-4PGeYX3AWNU3f21zGS6BEZh5EW4TJjsmEPlohGdwsjLtIuWPWQHPGavGmMKoA5coEE8nXx6RRh76pCJQJxGCV8fUko-xfS0v-_KYLv9n7aqt-CuP5jPtVr5YE26Ai0x8nm2WqY54-SzGCNilHq4UXmCvofkVjEVkZFdqXNvy_x3jtwexgJYNRQcPrMoZ72mGyzXPADiLNXDlvSJB4nl2WG6r8F7Iob3VRaM9LUorljxFM98EjIm4ysy_NGnuNCdsehuJT5v_ydnqKk1OWBMGCr0HlImnBLkyFWUB2cNJMVgsZmKeYzbgwzELIxiIEhatksBM0wRcMYi3kKLIzjvx6qH9PJeIfc9YZOvXK3-Ib4OgndLHm-JDM0Zhy4Dkw7-y0kI7TzFHnT2btXBcoJ4tUujp5fwwR9qiGY6LzGGmmTDaU93hWLbqpXe4wcdn5THvQlBTgdG6GhCu9r-PeaqAlzZvRvL1GwEBp1yOQ0ObOLFguhUwECApjdIEoYByJ_DrC2CL-iQkyuskLNN0ZWLCD-yAicL8QSp279udph_dRseuVS-jC5DbqxnroLWaXbwXg2G7mEll_YAybUkB_fLfmRjhDFYx_QV1swT29TtYKi-JKEyUvg2WIqVP31KU0ycZGC0pKtOONQhzg3qdVQUUsYq3e3WYTxkBGfNqdWOoi-Jo0mkGsvj2x75En8kCN5ht9wCMogqXVQW2iIIxKGj0P1Lqk4WImWpC4A4nq0PyeF6nwPJ1KaAdh1JT9hwQgstsKyZeQ_y6_JYUEncJXKRvaO0qfZ-XfRvOUVbH7o7KBZWEbcpGSB2oiq30O-C-XmdsPwBmH0kXCCnnROJSR2UJsBSTB9RR2y4IDX9Gjyi6JJQGlQ&sp=QrCDZqYoXd4qPkBugRHUxL4SdgOsI_2GPCu-7GlWS7I&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
cdnf.js
pix.adrta.com/ Frame 7DAA 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=23.000
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/bdu/aa.js?cb=990263295ea28c4c6a371c44d94d838e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-24.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
o8Dqn2fSaANd7t63xhmbtoZe_cmSJAMf
content-encoding
gzip
via
1.1 c8398cf797b03d1d2d2deda33fe571f0.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 02:47:45 GMT
last-modified
Sat, 28 Oct 2023 05:29:11 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
3162
x-amz-server-side-encryption
AES256
etag
W/"82b6743c32bc1214117ff9c6593e4ac5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RaiH18PS8eVSseO244vQIW9fwV6moghulK2T6fIP_UJ6TGNHOtLh9w==
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9089
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJZKAQO68umAmr2aZnrQaEA&google_cver=1&google_push=AXcoOmRoJRguM6GXt4i346pWWyhaF8dRXp0lrPDseaW5RblGk-KTfKh5AqR8KF3RJvkIA2wZ1yJ97md87E4vQX6rMZsLqHNLuJw6
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ4MDk3NTI5OTM4Mzg1Mzg0OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZKAQO68umAmr2aZnrQaEA&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZKAQO68umAmr2aZnrQaEA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJZKAQO68umAmr2aZnrQaEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBbDhqMSu9ccoqFxnJrmUHg&google_cver=1&google_push=AXcoOmS1-gie8pzN3pIj3bTyw6OHHAIr505FF2W4wROsw1X9YXKljh7KQjGfDfDymmFh6MklR2yn6wL0HxgtjtD60i41...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS1-gie8pzN3pIj3bTyw6OHHAIr505FF2W4wROsw1X9YXKljh7KQjGfDfDymmFh6MklR2yn6wL0HxgtjtD60i41MJ-8QCJTOA&google_hm=j_fRre5ARA64fe06o_rkeg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS1-gie8pzN3pIj3bTyw6OHHAIr505FF2W4wROsw1X9YXKljh7KQjGfDfDymmFh6MklR2yn6wL0HxgtjtD60i41MJ-8QCJTOA&google_hm=j_fRre5ARA64fe06o_rkeg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS1-gie8pzN3pIj3bTyw6OHHAIr505FF2W4wROsw1X9YXKljh7KQjGfDfDymmFh6MklR2yn6wL0HxgtjtD60i41MJ-8QCJTOA&google_hm=j_fRre5ARA64fe06o_rkeg==
Date
Sun, 12 Nov 2023 03:40:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 9089 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRtA9TuejfhEXOFV38CnLY9KGu5nyAwng3A1b7f37F8PDPYNDewJG8dzXuNXnn2XiGkGUenLYReIfWd2dAcLfGdazBKnfLEIQ&google_gid=CAESEATpWEp-JsnvzFz6D1QKq6Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
404977
expires
Sun, 12 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMd2qiqJIxNM7TKDpnDGgeQ&google_cver=1&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu1ibWv...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMd2qiqJIxNM7TKDpnDGgeQ&google_cver=1&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM4NDQxODQ1MTcxNzc3NjM1Mg&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu1ib...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM4NDQxODQ1MTcxNzc3NjM1Mg&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu1ibWvCv-h3pa4tARS0P0TUSogVg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM4NDQxODQ1MTcxNzc3NjM1Mg&google_push=AXcoOmTSKDsVLCf60yQHR8Le7kLzAa8pc2QZ13pc3uiUJrxzps17me1g9lDmYLL0KqjySCUfXtu1ibWvCv-h3pa4tARS0P0TUSogVg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOTXxuPliERs4uYZnDMlfZU&google_cver=1&google_push=AXcoOmR7qRSZ3tooW6BgWxA8lK5r3f_J0rT1TW8Nyx5JX6HgxtkLWkAIxjJdoiaJnExR3U-23LK-WoGJTCMn6IjREhJ9upo...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qRSZ3tooW6BgWxA8lK5r3f_J0rT1TW8Nyx5JX6HgxtkLWkAIxjJdoiaJnExR3U-23LK-WoGJTCMn6IjREhJ9upos1Kh8PRA&google_hm=NTI3Njc4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qRSZ3tooW6BgWxA8lK5r3f_J0rT1TW8Nyx5JX6HgxtkLWkAIxjJdoiaJnExR3U-23LK-WoGJTCMn6IjREhJ9upos1Kh8PRA&google_hm=NTI3Njc4MDE4NTU4MTY2MDgx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qRSZ3tooW6BgWxA8lK5r3f_J0rT1TW8Nyx5JX6HgxtkLWkAIxjJdoiaJnExR3U-23LK-WoGJTCMn6IjREhJ9upos1Kh8PRA&google_hm=NTI3Njc4MDE4NTU4MTY2MDgx
Date
Sun, 12 Nov 2023 03:40:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQ-AFNUjIbgc3nhBsRKTZkl_GdrNMERdAbQE13LAyz9LGLZaMu_NWhDB8r80MmyJ79xXoDai-MFbf1Vq-liNV3h5BqS40BdO3E&google_gid=CAESEC--47obJB...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC--47obJBm3HwPYKoMtP_s&google_hm=T1BVOGIyYThkMjNkYjBlNGFkYjlhMWE1ZjQzYWY3OTdlNmU&google_nid=opera_norway_as&google_push=AXcoOmQ-AFNU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC--47obJBm3HwPYKoMtP_s&google_hm=T1BVOGIyYThkMjNkYjBlNGFkYjlhMWE1ZjQzYWY3OTdlNmU&google_nid=opera_norway_as&google_push=AXcoOmQ-AFNUjIbgc3nhBsRKTZkl_GdrNMERdAbQE13LAyz9LGLZaMu_NWhDB8r80MmyJ79xXoDai-MFbf1Vq-liNV3h5BqS40BdO3E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC--47obJBm3HwPYKoMtP_s&google_hm=T1BVOGIyYThkMjNkYjBlNGFkYjlhMWE1ZjQzYWY3OTdlNmU&google_nid=opera_norway_as&google_push=AXcoOmQ-AFNUjIbgc3nhBsRKTZkl_GdrNMERdAbQE13LAyz9LGLZaMu_NWhDB8r80MmyJ79xXoDai-MFbf1Vq-liNV3h5BqS40BdO3E
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame 9089
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMe6kn4AvqjV...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzQ5N2ZiMzgtYmQ0ZS00ZmIzLThkYTEtMDM2YjJjYjQzNjNk&google_push=AXcoOmQpRy5oCgf5soAhyuflLX17YVqtZKpxLg9fqOYr9JjIS48DnJfa_vF7WfQRy5z-5...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H2
Server
23.37.113.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sun, 12 Nov 2023 03:40:26 GMT
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9089 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSPVUurxs44e0M14t7I1srG-656jM6ACzbj7pUZZtP2CzppJXZu8nJvCy3fKk1R53yqIjQM_eg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3964816748264478&output=html&h=250&adk=3912096616&adf=3173046727&w=300&channel=5630211354%2C7106944556&format=300x250_pas_abgc&color_bg=F3F3F3&color_border=B8B8B8&color_link=0000FF&color_text=000000&color_url=008000&url=https%3A%2F%2Fwww.drugs.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699760424564&bpp=174&bdt=123&idt=294&shv=r20231108&mjsv=m202311080101&ptt=5&saldr=sd&cookie=ID%3D67a4ce0aefa9ca97%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ&gpic=UID%3D00000cd7932ab697%3AT%3D1699760424%3ART%3D1699760424%3AS%3DALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA&correlator=6542514772049&frm=23&ife=4&pv=2&ga_vid=1935772248.1699760425&ga_sid=1699760425&ga_hid=1125036507&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=217&ady=1669&biw=1600&bih=1200&isw=300&ish=250&ifk=94169024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807460%2C31078297%2C44807406%2C31079587%2C44807763%2C44808148%2C31079473&oid=2&pvsid=4473062996940018&tmod=14303559&uas=0&nvt=1&loc=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.st5ublrbm9c&btvi=1&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=7951105042517337080
86 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=7951105042517337080
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
an-x-request-uuid
ce619095-0509-4d05-835e-083f207f0930
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=7951105042517337080
x-proxy-origin
5.181.234.134; 5.181.234.134; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame A187 		921 B
893 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
069eeae174e8a30522dad9d4a449b254c7ad1b37afffa1f3c2c6b7f7a8b842a7

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
579
content-type
text/html
date
Sun, 12 Nov 2023 03:40:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
khaos.json
token.rubiconproject.com/ Frame 7BFF 		7 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
setuid
prebid-server.rubiconproject.com/ Frame A187 		0
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame A187
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZVBJKgAA_NSVfwBf
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVBJKgAA_NSVfwBf&_test=ZVBJKgAA_NSVfwBf
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVBJKgAA_NSVfwBf&_test=ZVBJKgAA_NSVfwBf
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-lga21961-LGA
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1699760427.766625,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVBJKgAA_NSVfwBf&_test=ZVBJKgAA_NSVfwBf
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
c001bc22-0fc3-e49b-e628-0446ac5e814a
pr-bh.ybp.yahoo.com/sync/openx/ Frame A187 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c001bc22-0fc3-e49b-e628-0446ac5e814a?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:1404:5fed:fb6f:9150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame A187 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0c10a61b-83c5-cd28-17f1-90243b3a87e3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FX6CDZZ26WTBPXJJBD9F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A187
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=54c6da66-9f6f-76d2-d7ff-12b353094c03&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=54c6da66-9f6f-76d2-d7ff-12b353094c03&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=54c6da66-9f6f-76d2-d7ff-12b353094c03&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=59101c9a-21ec-4bd8-91fa-67f15008d9f8&ttd_puid=54c6da66-9f6f-76d2-d7ff-12b353094c03&gdpr=0&gdpr_consent=
date
Sun, 12 Nov 2023 03:40:26 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame A187 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzhhOTA5YWMtNTYxOC0yODc2LWMyMWYtNDgwYTk5ZWI4MjYz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A187
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1WOacfLimVUDTTNs__3LM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1WOacfLimVUDTTNs__3LM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1WOacfLimVUDTTNs__3LM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ipv6.adrta.com/ Frame 7DAA 		164 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1699760426780
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b03:4a0d:9a74:130d:b53d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
04b25a258061062e91df449192ee34d3acaa705e056610f149a7f30efbff261f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame 7DAA 		145 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=57896926&__aasv=23.001&__aaii=12791349847020128547&__aait=1699760426204&__aavz=600&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=17&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=3&__aart=19&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=990263295ea28c4c6a371c44d94d838e&__aaxf=5.181.234.134%2C%2010.1.6.235&__aaci=bdu&paid=bdu&avid=536&caid=1924049&plid=86aba9e2800e5cb45023cf9dc4904e0e&publisherId=pub-3964816748264478&siteId=61492706&priceBid=0.20&kv1=300x175&kv3=CAESEN3GrqJ6xOb8ORF1CQkijfs&kv4=2a0d%3A5600%3A24%3A%3A&kv7=&kv11=OTkwMjYzMjk1ZWEyOGM0YzZhMzcxYzQ0ZDk0ZDgzOGVfNzAtNDQ3OC53d3cuZHJ1Z3MuY29tLjMwMHgyNTAuMC0x&kv12=70-4478.www.drugs.com.300x250.0-1&kv15=NY&kv26=windows&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.123+Safari%2F537.36&kv71=0&kv24=Desktop&kv5=70&kv55=1.0%2C1%21google.com%2Cpub-3964816748264478%2C1%2C%2C%2C%21mediago.io%2C%2C1%2C990263295ea28c4c6a371c44d94d838e%2Cmediago%2C&kv2=https%3A%2F%2Fwww.drugs.com&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads&__aapr=https%3A%2F%2Fqw.jinghuashuiyao.xyz&__aatu=https%3A%2F%2Fqw.jinghuashuiyao.xyz
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.220.12.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-220-12-129.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e465b69471756c44b36550bff5e1d6ad499d7266887fcf8abe8cbbcafa8b2f58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/javascript;charset=ISO-8859-1
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
no-cache
content-encoding
gzip
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 494E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUD9FuNgRCmN_w0CFaDJ1apd_byBrkHI6uJThI8lTpcjlCYM1zO8txhYom__buETF4xkKaJlDYH2Cyigf-gShkbC0uMJoHnSRZfArrPa6ygOegZVzTyRd1bCYQCfFaZO3mDbeT2Ze3x9_hF8qUlN2oAFFKThCl1LADrjZfSUbkd65XbDWUa7A4CSwgv-6UMaSazYu2PMd6-MsiheshB4dRu_NwIBlzR5XCqsOr8bu0Awt-ikvG6ZQyu-psey6ecUZHrDxX9xcLGxL7wPXvSv7AlFVHcjsj0FptSrCJxqSRqvkQPVS9A7ZspK8LXjcYJeNL_wRhQp7fSFz0xtOiPLGyNxBBLkauxQ&sai=AMfl-YQBsWNyNTC3t6fYo9zU5DvYGPHFmi6sUGnesXpSFe-FlAWSmLtGbWrf_Y9SYKpiXeF7bkk0SkTqyz3Ut5Vs0ia_eRnjjppcLj1u6DUBae8Ni4aKuVOS5EIW7WN4OITPvNQWtCL4RT8AYTEvcun9Kgc&sig=Cg0ArKJSzNw8EhtkmCVCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 03:40:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 494E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_fy2021.js?bust=31079587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8505fb533c87697fec648aa24869517b3370cafa071a8bdb065de434dfcbb58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12206
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOUXGXA5-B-CIIH
  • https://usersync.gumgum.com/usersync?b=mag&i=LOUXGXA5-B-CIIH
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOUXGXA5-B-CIIH
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOUXGXA5-B-CIIH
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 494E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 03:40:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EABF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
36161
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 17:37:46 GMT
expires
Sun, 10 Nov 2024 17:37:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8DB5 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d2093c5356a84a428ac01d530a776b7d3148e680c378d322fcf12796f54a580
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3SSKrefdkuTEJ8gsZk5pBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3SSKrefdkuTEJ8gsZk5pBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 03:40:27 GMT
expires
Sun, 12 Nov 2023 03:40:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7BFF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DAJ9Y71KTBB6FMBHKEFR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/eqi6e5WCBDqlnqJQDBZCAQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cv.TQntE2oKd3mPHBRvCHMfrHe7oSFnhimjudQ--~A
42 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cv.TQntE2oKd3mPHBRvCHMfrHe7oSFnhimjudQ--~A
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 12 Nov 2023 03:40:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cv.TQntE2oKd3mPHBRvCHMfrHe7oSFnhimjudQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOUXGXA5-B-CIIH
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOUXGXA5-B-CIIH
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 45042520C22E4BD8B6987D6F5455E03F Ref B: EWR30EDGE1108 Ref C: 2023-11-12T03:40:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJ7FB90FuD1PNhV1610g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOUXGXA5-B-CIIH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7BFF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zCysdxYMTyikY87G_0kPoA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zCysdxYMTyikY87G_0kPoA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zCysdxYMTyikY87G_0kPoA
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GDM5X2QJ6FF2PWWNRN7M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zCysdxYMTyikY87G_0kPoA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9VWEdYQTUtQi1DSUlI
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBkrtVGtRy5I45rJRl2CRX4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9VWEdYQTUtQi1DSUlI&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9VWEdYQTUtQi1DSUlI&google_push=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9VWEdYQTUtQi1DSUlI&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=&expires=30
42 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=59101c9a-21ec-4bd8-91fa-67f15008d9f8&gdpr=0&gdpr_consent=&expires=30
date
Sun, 12 Nov 2023 03:40:27 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlhNzgxMGExYThlZTU5YjI0NGU0NjJkMGQzZTFkZGRlMDcyNmU2Yw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlhNzgxMGExYThlZTU5YjI0NGU0NjJkMGQzZTFkZGRlMDcyNmU2Yw
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlhNzgxMGExYThlZTU5YjI0NGU0NjJkMGQzZTFkZGRlMDcyNmU2Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEImDSU_8ViyFGTP8pZnAfIc&google_cver=1
42 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEImDSU_8ViyFGTP8pZnAfIc&google_cver=1
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEImDSU_8ViyFGTP8pZnAfIc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7BFF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYaU7KoJIAABY6SAH-Ew&expires=30
42 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYaU7KoJIAABY6SAH-Ew&expires=30
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADYaU7KoJIAABY6SAH-Ew&expires=30
Date
Sun, 12 Nov 2023 03:40:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LOUXGXA5-B-CIIH&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LOUXGXA5-B-CIIH&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LOUXGXA5-B-CIIH&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
824bc0f029055e73-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 12 Nov 2023 03:40:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LOUXGXA5-B-CIIH&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
824bc0efc8ae5e73-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
magnite
prebid.a-mo.net/setuid/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOUXGXA5-B-CIIH
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOUXGXA5-B-CIIH
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOUXGXA5-B-CIIH
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
cksync
hb.yahoo.net/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOUXGXA5-B-CIIH&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOUXGXA5-B-CIIH&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yQ3hGQlpsRTJ1SFFtT2JEN3RMRW1FUVFuZUs3bERoQn5B&ovsid=LOUXGXA5-B-CIIH&dpid=58160
53 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yQ3hGQlpsRTJ1SFFtT2JEN3RMRW1FUVFuZUs3bERoQn5B&ovsid=LOUXGXA5-B-CIIH&dpid=58160
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
23.44.201.234 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-201-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 12 Nov 2023 03:40:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sun, 12 Nov 2023 03:40:27 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yQ3hGQlpsRTJ1SFFtT2JEN3RMRW1FUVFuZUs3bERoQn5B&ovsid=LOUXGXA5-B-CIIH&dpid=58160
date
Sun, 12 Nov 2023 03:40:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOUXGXA5-B-CIIH
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOUXGXA5-B-CIIH
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOUXGXA5-B-CIIH&ckls=true&ci=CNC3PmUPrL&nc=false&trid=-271443877
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOUXGXA5-B-CIIH&ckls=true&ci=CNC3PmUPrL&nc=false&trid=-271443877
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
18.239.69.99 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
via
1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
FJRoGN8mfFinObT71penlP5Z0fpMjKFBlXSlXBp3wuvB14dqI7YdFA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
via
1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOUXGXA5-B-CIIH&ckls=true&ci=CNC3PmUPrL&nc=false&trid=-271443877
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
L4AaWQ2G8oJVrNFP7icVBYOcb351KLgQIjaCQJK04vB4tLNTst8YoQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 7BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOUXGXA5-B-CIIH
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOUXGXA5-B-CIIH
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOUXGXA5-B-CIIH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LOUXGXA5-B-CIIH
  • https://ce.lijit.com/merge?pid=80&3pid=LOUXGXA5-B-CIIH&dnr=1
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOUXGXA5-B-CIIH&dnr=1
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LOUXGXA5-B-CIIH&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 7BFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOUXGXA5-B-CIIH
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOUXGXA5-B-CIIH
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:27 GMT
an-x-request-uuid
fbb37616-e841-4fd8-8820-7102e4dea781
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.134; 5.181.234.134; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOUXGXA5-B-CIIH
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame EABF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
26506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Nov 2024 20:18:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=4473062996940018&rc=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame EABF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ysti7Q
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 494E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=4473062996940018&bg=!hYalhsnNAAZxrfrxUa07ADQBe5WfODUiDG5DKksIT3aO8jKwSUQfOOVcjtUexib-GFXI971L2lDciX5Opf_fnGigExzuAgAAAIFSAAAAEmgBBwoAP-5dUClj5RBw3zI95qYsWGSidB9tfxGVoO2OI3G0rpKVAoNNWghCqXaqk03TVEvC3KvnH9k9-feg-9nuxQpCUZkC58i_Pam-RGdqAN0KYCqjEOd37Adhr32nUhIWbsvyObNg-QcGPaWUzinFJC9qQaK_oJ9dbQm3sxaoSYjHP2jSjcQ3-pO4bhp51j2r0RzUVL8Ex6HzlXzVGFf6s2IvBXMqVrr-Xct81yXs1Hr49q5m-b0D7BVznP4odYOIlQVxpDeV-bLnwXdKahvOkSP7LwJegWD8r2XiixYox4AsBDyJM5TSE4KmF4sa-u0gUKtyycWWHqmLO-2ywygqP6psBLqF1N81526-uPQOb-3iwZWeGFneb-JeKbxDMh_rhHWbDv1-rshY6oNxDEEkOkuwN8iyPvJuN7Q5R5Tyhs8qe5pVhZsNrIP0cJBBuWqmb3oYtGdpFzEy81DW2NrmGe_nTBKqcZ4gzxoSdM0yDUKXR6OLsmPluDJXhsJf1Cmo9hvQOPpdwt69EKpsbtQnRjdkGl-QaEpWk_YQkINVB5JFTop5J0kr2Eaf-w-JDlXnknLhLXWxuFVpvIWO4oAcTFLvvcHsSwnH6giHpbSBB6EZ9FDZIAaQrvidcBTe-LGJboOQEyIAkckCWeK0lRHw_j1EfnQe58fsWMQ8tkTlIQQPanh4iuSNcdo0LQRn7NKvilArnXB5W-sPI_b7IXo6qODOX0P8OxyOVoyhDmWfx-rU2mV0k1ohmiUULl0EigtIBD7qhdm_4crmFA8PLMSRLspzWfJKskZ-o3l5-9CDLZPcJKfzQLCE95pxsA5G_WNq6NBBEVQy5S4-GZJrxfyTc0gjKZholOQ2MjwZQA0DTB4Px-6hkWMpzMBRWwknwtel8hzzPQR4vcDztHnnp2EeaogCNIrqOpcvu3yjNQkdsHuQ1DdNayVPOUrC6pJYXZVAElIt8AHieU4fd2hVCNWCZgzxeQuTehqKT8xvrVxDZF4dGIGtTyj_707brtcN-eFxLCioIgPQ98XYotbpelbm7K9bKxGkITqctmH8-6wBbZvBHWOWqwZOfuiHC3Xq
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		221 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZ4MM39
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/bundle/a38dcf2e/js/module/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ccaff3a6b3fc267980e2a91c0cddd41351e99d8aa171d65a0e5f2bff7df41ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77291
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Nov 2023 03:40:28 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NC862DPYNN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ4MM39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d90e19153cac7cd24627b7dbefa9b85405b713d538f67d7911dc0fb4752862b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88476
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Nov 2023 03:40:28 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ4MM39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Nov 2023 02:09:39 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5449
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 12 Nov 2023 04:09:39 GMT
collect
analytics.google.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NC862DPYNN&gtm=45je3b81v880415262z8833563219&_p=1699760422480&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1469202067.1699760424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&sid=1699760428&sct=1&seg=0&dt=Drugs.com%20-%20Prescription%20Drug%20Information&en=page_view&_fv=1&_ss=1&ep.content_type=Home%20Page&ep.content_section=Homepage&ep.content_sub_section=Homepage&ep.content_audience=Consumer&ep.content_ugc=No&ep.page_index_status=index%2Ffollow&ep.page_orphan=No&ep.content_size=Medium%20Page&ep.app_source=Web&ep.page_traffic_op=No&ep.ads_pro=No&ep.user_signed_in=No&ep.zone_ids=%3B4046%3B&ep.content_group=Homepage&ep.cpuv_drugslist=No&up.user_ilink=No&tfd=6808
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NC862DPYNN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NC862DPYNN&cid=1469202067.1699760424&gtm=45je3b81v880415262z8833563219&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NC862DPYNN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1F5A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:24:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/j/ 		4 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1209387501&t=pageview&_s=1&dl=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&ul=en-us&de=UTF-8&dt=Drugs.com%20-%20Prescription%20Drug%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1436616658&gjid=1427661021&cid=1469202067.1699760424&tid=UA-78451-2&_gid=1868792809.1699760428&_r=1&_slc=1&gtm=45He3b81n81MZ4MM39v833563219&cg1=Home%20Page&cg2=Homepage&cg3=Medium%20Page&cd11=No&cd15=No&cd16=Consumer&cd18=Web&cd24=Homepage&cd25=%3B4046%3B&cd43=index%2Ffollow&cd59=No&cd88=0&cd89=0&gcd=11l1l1l1l1&dma=0&z=286708796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78451-2&cid=1469202067.1699760424&jid=1436616658&gjid=1427661021&_gid=1868792809.1699760428&_u=YADAAEAAAAAAACAAI~&z=1848760540
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 12 Nov 2023 03:40:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qw.jinghuashuiyao.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-78451-2&cid=1469202067.1699760424&jid=1436616658&_u=YADAAEAAAAAAACAAI~&z=248483692
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
checksync.php
contextual.media.net/ Frame 48C1 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCS6QV3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.252.26 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
656e61a60bd2e6bdf0002cb97e161a166bbe102b56c5e80b18bca83637fa1dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9624
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
Tue, 14 Nov 2023 03:40:29 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 0ED3 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.253.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-253-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Nov 2023 03:40:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
cookies.nextmillmedia.com/ Frame A3D0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?type=iframe
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.59.34 -, , ASN (),
Reverse DNS
Software
fasthttp /
Resource Hash
6c350bc38e552cfd95f7f921e35f606ac04c09f2d268a0b1b629e1566abd6c88

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
1888
content-type
text/html
date
Sun, 12 Nov 2023 03:40:29 GMT
server
fasthttp
iframe
sync.adprime.com/ Frame 6ECC 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adprime.com/iframe?pbjs=1&coppa=0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
19a7a8422d8f83ddea562697a937aaddafcb0c3cf7aa4d6428624b4ff749b445

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
3517
Content-Type
text/html
Date
Sun, 12 Nov 2023 03:40:29 GMT
Keep-Alive
timeout=5
visitormatch
bh.contextweb.com/ Frame 6D5E 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
2c88cc4e711770b66108a4a4289d190669d0ce45cc7dd093ba957a3a59a07cf4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
3734
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
sync
eb2.3lift.com/ Frame A10C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
33af25ea6e4ae295446ef900537c762bfc9b6cc8973d1bf64dd5da7f65c35a58

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 03:40:29 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 55F6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13482_drugs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95b4 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://qw.jinghuashuiyao.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
279
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
824bc0fb598d4267-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
Sun, 12 Nov 2023 07:40:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=fd814904-6659-49a4-b9d4-43a8f8490919&gdpr_consent=null&gdpr=0
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=fd814904-6659-49a4-b9d4-43a8f8490919&gdpr_consent=null&gdpr=0
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=fd814904-6659-49a4-b9d4-43a8f8490919&gdpr_consent=null&gdpr=0
date
Sun, 12 Nov 2023 03:40:29 GMT
server
_
content-length
0
usermatch
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqfHY0mJOXXlXlkkVXUpvfM7btyhq0yPDFLizuvZVJ6GjZqyPaA2%2BFVl4q3ByJhuSMxxoXGpngqfSLWH2zD1YltL2nMWKgRK7gyABfU%2FOK576kcvnpxlLXwvsPQGknqypCyXIDGuXXlt9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
cache-control
no-cache
cf-ray
824bc0f9acdf42ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2480975299383853849&gdpr=0&gdpr_consent=
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2480975299383853849&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2480975299383853849&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/38584006/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
18.239.83.91 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:27:25 GMT
content-encoding
gzip
via
1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
787
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
dx1e_OjUBDw9K-et_wvaRsJMT0owkC9EYC8PYXrFB27dt5nAU5-u_Q==

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
E-J6IEDXZEdWQcNPlxL9cb2T7jtzllgCc1-Qyq9gyit9lfDEDjV_Ag==
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F5A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64512802&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a5947ce0ecf812b322381f0edfb123810cda973580ba806290b2d2419fbaced8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 12 Nov 2023 03:40:27 GMT
content-length
2022
content-type
text/html; charset=UTF-8
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 42EA 		85 B
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 12 Nov 2023 03:40:29 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lga21961-LGA
x-timer
S1699760429.285311,VS0,VE8
Pug
image2.pubmatic.com/AdServer/ Frame 74BE
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ba044e0be2b54ac69ed7a
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ba044e0be2b54ac69ed7a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 11 Nov 2023 19:27:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Sun, 12 Nov 2023 03:40:28 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ba044e0be2b54ac69ed7a
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame BFFD
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=397e85c6-810d-11ee-b26a-b7870c09b7e7
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=397e85c6-810d-11ee-b26a-b7870c09b7e7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=397e85c6-810d-11ee-b26a-b7870c09b7e7
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
Pug
image2.pubmatic.com/AdServer/ Frame E52A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59G7XeXdvAn80rpZ4t2jVeWC6Av8hrlb4ILf3D6Z
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59G7XeXdvAn80rpZ4t2jVeWC6Av8hrlb4ILf3D6Z
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59G7XeXdvAn80rpZ4t2jVeWC6Av8hrlb4ILf3D6Z
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=530e5f89-1a8f-31ff-a55c-06d838010614&ssp=pubmatic&bsw_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 03:40:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 12 Nov 2023 03:40:29 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 20B5
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=527678018558166081
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=527678018558166081
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 12 Nov 2023 03:40:29 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=527678018558166081
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
usersync
usersync.gumgum.com/ Frame 13CB 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=D73D9093-D4FA-4908-93A7-01F9CAFE2D97
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 12 Nov 2023 03:40:29 GMT
Expires
0
Pragma
no-cache
insync
thrtle.com/ Frame 1F5A 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.163.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-163-185.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 12 Nov 2023 03:40:29 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 1F5A 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 1F5A 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.222.112 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 1F5A 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=D73D9093-D4FA-4908-93A7-01F9CAFE2D97&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.125.92 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 12 Nov 2023 03:40:29 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8392f24d-0ada-490b-952e-a47ef9697103&gdpr=0&gdpr_consent=
1 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8392f24d-0ada-490b-952e-a47ef9697103&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8392f24d-0ada-490b-952e-a47ef9697103&gdpr=0&gdpr_consent=
Date
Sun, 12 Nov 2023 03:40:29 GMT
Connection
keep-alive
X-CI-RTID
c00fad1a-c32f-422a-b722-7d32a6056ec8
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 1F5A 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.59.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F5A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e66dafa6-ef99-4c1d-b674-926ccd8a8a5e-6550492d-5553&gdpr=0&gdpr_consent=
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e66dafa6-ef99-4c1d-b674-926ccd8a8a5e-6550492d-5553&gdpr=0&gdpr_consent=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e66dafa6-ef99-4c1d-b674-926ccd8a8a5e-6550492d-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 1F5A
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10C03211E_9F75B26E&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
HTTP/1.1
Server
38.68.201.140 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-382765229; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:28 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-382765229; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sun, 12 Nov 2023 03:40:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 0ED3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.253.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-253-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
64495d1b9a11f0bbf0601078753d0cea1f987dc62406ba5b5209339ecda7df91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 00:54:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76428
Connection
keep-alive
Content-Length
13280
Expires
Mon, 13 Nov 2023 00:54:17 GMT
rtset
bh.contextweb.com/bh/ Frame 6D5E
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4086da77f79b10e2&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF0mOr56owrwNm1ZO5AAAAAAA&expiration=1699846829&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF0mOr56owrwNm1ZO5AAAAAAA&expiration=1699846829&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF0mOr56owrwNm1ZO5AAAAAAA&expiration=1699846829&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 6D5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=X2tfNnJPRFBqT2FiQ2lnSnYtQ3ZLQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOZpiF2j4CJEtSSTYutQWhg&google_cver=1
49 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOZpiF2j4CJEtSSTYutQWhg&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOZpiF2j4CJEtSSTYutQWhg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 6D5E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pulsepoint
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=pulsepoint&bsw_custom_parameter=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Ddd1d3d63-2c54-42e7-8ac9-4dc323055116%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7951105042517337080&pt=dd1d3d63-2c54-42e7-8ac9-4dc323055116%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=pulsepoint&bsw_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
49 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1

Redirect headers

Location
//bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
Date
Sun, 12 Nov 2023 03:40:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55972/ Frame 6D5E 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55972/sync?uid=c4oQ0PzSADVr&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame 6D5E 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=c4oQ0PzSADVr&dongle=8bee
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
v1
match.sharethrough.com/sync/ Frame 6D5E 		68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.44.50 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache
content-length
68
content-type
image/png
dcm
s.amazon-adsystem.com/ Frame 6D5E
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=c4oQ0PzSADVr
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=93dfb3d8c8&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=93dfb3d8c8&gdpr=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZJGBZWPAE1HY8HQJ3QF1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
location
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=93dfb3d8c8&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Ct12pHANVIQF2Lmbb0JHydvrW2GefuRju58RrcivGFEUf6gYiSbfIg==
rtset
bh.contextweb.com/bh/ Frame 6D5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=c4oQ0PzSADVr
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESELU0Z1w1QUybmQZgOkNHrEM&google_cver=1
49 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESELU0Z1w1QUybmQZgOkNHrEM&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-cgg2c
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESELU0Z1w1QUybmQZgOkNHrEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 6D5E 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?taboola_hm=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
23
date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 varnish
x-served-by
cache-lga21948-LGA
server
nginx
x-timer
S1699760429.413332,VS0,VE23
x-fastly-to-nlb-rtt
22231
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0
sync
partners.tremorhub.com/ Frame 6D5E 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?uipp=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:5fe1:169a:9e33:a694 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 12 Nov 2023 03:40:29 GMT
server
nginx
content-type
image/gif
UserMatch.ashx
atemda.com/ Frame 6D5E 		0
0
um
sync.teads.tv/ Frame 6D5E 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=142&uid=c4oQ0PzSADVr&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.113.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sun, 12 Nov 2023 03:40:29 GMT
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 6D5E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=c4oQ0PzSADVr&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1NKQNMRMNCHQAQHN410C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 6D5E 		43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=c4oQ0PzSADVr&ext=1&pn_id=pp
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.202.75 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
usersync
sync.springserve.com/ Frame 6D5E 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=849&uuid=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.86.121.216 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Nov 2023 03:40:29 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
rum
dsum.casalemedia.com/ Frame 6D5E 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=189&external_user_id=c4oQ0PzSADVr&expiration=[EXPIRATION]
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKcKwnAbs8%2FM5Es4hkliMNrAQ%2BJfN873IUTLl3yAyYiFQ46DiC0IBaHsBmdYyac5KGghqJOpKsmeTzlWLQoz05jF80CYPtR9zTUg375l0gFjISKWOOLkEAQyqap5WBJxXGshWVDG"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fbe80542ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
PulsePoint
crb.kargo.com/api/v1/dsync/ Frame 6D5E 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/PulsePoint?exid=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.222.112 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
pp.gif
sync.colossusssp.com/ Frame 6D5E 		9 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pp.gif?puid=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.68 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 6D5E 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
23
date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 varnish
x-served-by
cache-lga21948-LGA
server
nginx
x-timer
S1699760429.457782,VS0,VE23
x-fastly-to-nlb-rtt
22212
x-cache
MISS
accept-ranges
bytes
x-service-version
v1
x-cache-hits
0
56409
i.liadm.com/s/ Frame 6D5E
Redirect Chain
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=c4oQ0PzSADVr
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2480975299383853849
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=37a8c340-c527-456b-ba7d-bf5ac823c3bf
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D62afbe01-4457-4306...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=527678018558166081&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D62afbe0...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&pid=500040&it=1&iv=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&_=169...
0
0
put
e1.emxdgt.com/ Frame 6D5E
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=c4oQ0PzSADVr&expires=30&user_group=[NUMERICAL_VALUE]
  • https://e1.emxdgt.com/put?d=d21&uid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
34.235.210.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
content-length
43
x-nosync
emp
content-type
image/gif

Redirect headers

Location
//e1.emxdgt.com/put?d=d21&uid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 12 Nov 2023 03:40:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
bid
cs.chocolateplatform.com/ Frame 6D5E 		0
0
setuid
ib.adnxs.com/ Frame 6D5E 		43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=494&code=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
an-x-request-uuid
122981c8-712e-4e5d-b19e-2f257b98e134
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.134; 5.181.234.134; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6D5E 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6D5E 		42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTkmdGw9MTI5NjAw&piggybackCookie=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 12 Nov 2023 03:40:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
hbx.media.net/ Frame 6D5E 		53 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=3&type=ppt&ovsid=c4oQ0PzSADVr&redirect=http://adnetwork.com/redirect/link
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 12 Nov 2023 03:40:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sun, 12 Nov 2023 03:40:29 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 6D5E 		0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=4939fd63-7a0f-46b9-9b09-9b6faa8292c9&biddername=10&pid=59c9148628a0612da3689288&key=c4oQ0PzSADVr
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
content-length
0
sync
ssbsync-global.smartadserver.com/api/ Frame 6D5E
Redirect Chain
  • https://ads.servenobid.com/getsync?ver=1&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D563074%26ev%3D%24UID
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25...
  • https://ads.servenobid.com/sync?pid=312&uid=7951105042517337080&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253F...
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D563074%26ev%3D%24UID
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsy...
  • https://ad.turn.com/r/cs?pid=45&rndcb=734781309
  • https://sync.1rx.io/usersync/turn/2480975299383853849?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-eda73f08-cfe8-47fc-80f4-ad20da88b98c-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-eda73f08-cfe8-47fc-80f4-ad20da88b98c-00...
  • https://ads.servenobid.com/sync?pid=321&uid=RX-eda73f08-cfe8-47fc-80f4-ad20da88b98c-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Fbh.contextweb.c...
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D563074%26ev%3D%24UID
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redire...
0
0
xuid
eb2.3lift.com/ Frame A10C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=59101c9a-21ec-4bd8-91fa-67f15008d9f8&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=59101c9a-21ec-4bd8-91fa-67f15008d9f8&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=59101c9a-21ec-4bd8-91fa-67f15008d9f8&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sun, 12 Nov 2023 03:40:29 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame A10C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM1NTI0MjMwNTYwMjUxODk0ODA3Nw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A10C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB999rk0S0vnnhc0FMmowzs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB999rk0S0vnnhc0FMmowzs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB999rk0S0vnnhc0FMmowzs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A10C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM1NTI0MjMwNTYwMjUxODk0ODA3Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM1NTI0MjMwNTYwMjUxODk0ODA3Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM1NTI0MjMwNTYwMjUxODk0ODA3Nw%3D%3D
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame A10C 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4355242305602518948077&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:28 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AB13A3B3D8BE48ADA0A7018CE8670CBA Ref B: EWR30EDGE1108 Ref C: 2023-11-12T03:40:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJ7FCYXzCos0M/TfJ3hg==
xuid
eb2.3lift.com/ Frame A10C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4355242305602518948077?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-2jSYF5pE2oSdLhwbo0vAreAdL_qFE1rqnv6VfOYYnQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-2jSYF5pE2oSdLhwbo0vAreAdL_qFE1rqnv6VfOYYnQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-2jSYF5pE2oSdLhwbo0vAreAdL_qFE1rqnv6VfOYYnQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame A10C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4355242305602518948077&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=7bb48e12-47c8-4b40-81b6-c28a98fe4172&expires=10&ssp=triplelift&bsw_param=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
  • https://eb2.3lift.com/xuid?mid=2409&xuid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 12 Nov 2023 03:40:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame A10C 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
269994
expires
Sun, 12 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A10C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7951105042517337080&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7951105042517337080&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
an-x-request-uuid
5a8b7b2d-68cb-42e5-b625-552201ee5ee9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=7951105042517337080&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
5.181.234.134; 5.181.234.134; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame A10C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4355242305602518948077
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
an-x-request-uuid
2e97e3f0-a010-4d2c-9166-a10a768ef505
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.134; 5.181.234.134; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adps359.gif
us.ck-ie.com/ Frame 6ECC 		42 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/adps359.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&redir=https%3A%2F%2Fsync.adprime.com%2F2e12c3299504dcf48b21c535556ef6db.gif%3Fpuid%3D%7B%24PARTNER_UID%7D
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync.html
s.adtelligent.com/ Frame 6ECC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ap
  • https://sync.adprime.com/43e1480a5bbfaed7f65c886b7abf3062.gif?puid=AADYaU7KoJIAABY6SAH-Ew
  • https://s.adtelligent.com/sync.html?aid=798038
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adtelligent.com/sync.html?aid=798038
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
107.151.11.58 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Location
http://s.adtelligent.com/sync.html?aid=798038
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
Expires
0
c8c80acb64916865fe4693e65eb88e1a.gif
sync.adprime.com/ Frame 6ECC
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fsync.adprime.com%2F5d5d5430b48420f748430bf7e12aa2a2.gif%3Fpuid%3D%5B%24UID%5D
  • https://sync.adprime.com/5d5d5430b48420f748430bf7e12aa2a2.gif?puid=[HpE8aQZHnRJctJIFQjSuVZ6Z]
  • https://us.shb-sync.com/6c8cfeda-0d22-4b58-a4f0-e4693e530957.gif?puid=0b071f4b-5622-4c12-bd80-a303f3cefd72&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
  • https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=1b9ccd6e-6955-463f-9316-a4120fc5b870&redir=[RED]
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=1b9ccd6e-6955-463f-9316-a4120fc5b870&redir=[RED]
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
8.2.110.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=1b9ccd6e-6955-463f-9316-a4120fc5b870&redir=[RED]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
x.bidswitch.net/ Frame 6ECC 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=adprime&user_id=120c647e-ae55-46cb-8698-0c89808f2ac9
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
v1
match.sharethrough.com/sync/ Frame 6ECC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.adprime.com/6c864f9404f4de4243315d07a6053102.gif?puid=$UID
  • https://sync.adprime.com/6c864f9404f4de4243315d07a6053102.gif?puid=7951105042517337080
  • https://s.ad.smaato.net/c/?dspInit=1002112&dspCookie=160ef4e2-98be-4908-ad5a-d9cee1fa36f1
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=a5de2925a5&gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=a5de2925a5&gdpr=0&gdpr_consent=
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
34.196.44.50 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=a5de2925a5&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
S9dcs9wWQrR6B0EMVvEPq-yg8XwuF3V4ItsJYPHlU0dHgXqrZ4H1Tg==
user-sync
sync-service.net/ Frame 6ECC
Redirect Chain
  • https://us.ck-ie.com/adpd175.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&puid=120c647e-ae55-46cb-8698-0c89808f2ac9
  • https://sync.adprime.com/7b550bad46a07eaf363bffd89522781f.gif?puid=NmlcpHCSQa8mxlft9v0ZlXmGqqv6A9SXqi1y%2BNLOFqg%3D
  • https://sync-service.net/user-sync?pl=decenterads&token=LSDC00hab0FQoPs2&uid=$[id]
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-service.net/user-sync?pl=decenterads&token=LSDC00hab0FQoPs2&uid=$[id]
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
204.62.14.190 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Location
https://sync-service.net/user-sync?pl=decenterads&token=LSDC00hab0FQoPs2&uid=$[id]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
Expires
0
user-sync
sync-service.net/ Frame 6ECC 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-service.net/user-sync?pl=decenterads&token=LSDC00hab0FQoPs2&uid=$[id]
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
204.62.14.190 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
sync.html
s.adtelligent.com/ Frame 6ECC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adtelligent.com/sync.html?aid=798038
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.58 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
user-sync
sync-service.net/ Frame 6ECC
Redirect Chain
  • https://sync.adprime.com/f4e2b93351de6eb2b501312ea72b38a0.gif?puid=120c647e-ae55-46cb-8698-0c89808f2ac9&redir=https://sync-service.net/user-sync?pl=community&token=tRyIt2Lh0b0doNsK&uid=$[id]
  • https://sync-service.net/user-sync?pl=community
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-service.net/user-sync?pl=community
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
204.62.14.190 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Location
https://sync-service.net/user-sync?pl=community
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
Expires
0
user-sync
sync-service.net/ Frame 6ECC 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-service.net/user-sync?pl=adsgard&token=Mxf32quU4FQzPlO8I&uid=$[id]
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
204.62.14.190 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 6ECC
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1002112&dspCookie=120c647e-ae55-46cb-8698-0c89808f2ac9
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=a5de2925a5&gdpr=0&gdpr_consent=
43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=a5de2925a5&gdpr=0&gdpr_consent=
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=a5de2925a5&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
z2kcIWz2jm7_VHjtzF0HkHkeo1RjiTCCtOzKPQBV9lht57k0dYondQ==
adsd514.gif
us.ck-ie.com/ Frame 6ECC
Redirect Chain
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=0&puid=120c647e-ae55-46cb-8698-0c89808f2ac9
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=7b2a6154-3933-420b-97ac-6bf42e3555e6
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=0268f61f-9f2d-4c28-ac4b-767767fb942a
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=00b5f1f2-2da9-4f5c-b9f2-3a3a8373c8e9
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=db211090-9845-4e9b-9680-79e46c295ac4
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=d9973a7f-ba1a-419a-a5c7-2c2fa3372500
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=1c3875a1-59ec-43fd-9fd7-821ef5ea492e
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=ca3aed69-a9eb-406a-931d-d9ae96feb4a0
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=31ade1f3-712a-42e1-abb3-f3822f949438
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=f16c8abd-1ff7-4d58-9479-9dadc13e5990
  • https://sync.adprime.com/93ba4fbfaa938c95f8b2cf05ada9838e.gif?puid=3b5598edfff1229da42b914e271747108fe86e0f5bef0af7aa5f80ea25c586f0&redir=[RED]
  • https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=4ad58a12-9b25-4842-87b3-b830733bc736
0
0
bed8ee2256b9d59953c5775afad990b3.gif
sync.adprime.com/ Frame 6ECC
Redirect Chain
  • https://us.ck-ie.com/adp571.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=0&https://sync.adprime.com/bed8ee2256b9d59953c5775afad990b3.gif?puid=120c647e-ae55-46cb-8698-0c89808f2ac9
  • https://sync.adprime.com/bed8ee2256b9d59953c5775afad990b3.gif?puid=NmlcpHCSQa8mxlft9v0ZlXmGqqv6A9SXqi1y%2BNLOFqg%3D&redir=[RED]
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adprime.com/bed8ee2256b9d59953c5775afad990b3.gif?puid=NmlcpHCSQa8mxlft9v0ZlXmGqqv6A9SXqi1y%2BNLOFqg%3D&redir=[RED]
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
8.2.110.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.adprime.com/bed8ee2256b9d59953c5775afad990b3.gif?puid=NmlcpHCSQa8mxlft9v0ZlXmGqqv6A9SXqi1y%2BNLOFqg%3D&redir=[RED]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
db_sync
px.ads.linkedin.com/ Frame 6ECC
Redirect Chain
  • https://idsync.rlcdn.com/710773.gif?partner_uid=120c647e-ae55-46cb-8698-0c89808f2ac9
  • https://idsync.rlcdn.com/1000.gif?memo=CPWwKxIwCiwIARDj8AkaJDEyMGM2NDdlLWFlNTUtNDZjYi04Njk4LTBjODk4MDhmMmFjORAAGg0IrZLBqgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e9b4074d3aed417349fbfd3d79d78dfe86e6eab9bffeb1365efe2eab893c0664791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e9b4074d3aed417349fbfd3d79d78dfe86e6eab9bffeb1365efe2eab893c0664791426b5417dce21&rand=00080737
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e9b4074d3aed417349fbfd3d79d78dfe86e6eab9bffeb1365efe2eab893c0664791426b5417dce21&rand=00080737
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FB0C7884892544E2B8A1A6418FFA688B Ref B: EWR30EDGE1108 Ref C: 2023-11-12T03:40:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJ7FCdRIHd/VEdns660w==

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e9b4074d3aed417349fbfd3d79d78dfe86e6eab9bffeb1365efe2eab893c0664791426b5417dce21&rand=00080737
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
c8c80acb64916865fe4693e65eb88e1a.gif
sync.adprime.com/ Frame 6ECC
Redirect Chain
  • https://us.shb-sync.com/6c8cfeda-0d22-4b58-a4f0-e4693e530957.gif?puid=120c647e-ae55-46cb-8698-0c89808f2ac9&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
  • https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=7dace566-e685-4e29-be95-232b1ccbbcbf&redir=[RED]
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=7dace566-e685-4e29-be95-232b1ccbbcbf&redir=[RED]
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
8.2.110.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.adprime.com/c8c80acb64916865fe4693e65eb88e1a.gif?puid=7dace566-e685-4e29-be95-232b1ccbbcbf&redir=[RED]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
um
sync.e-planning.net/ Frame 6ECC 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=120c647e-ae55-46cb-8698-0c89808f2ac9&dc=10972063060b1c6a&iss=1
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

server
openresty
date
Sun, 12 Nov 2023 03:40:29 GMT
content-type
image/gif
09c8e2eece5857c291d6efc800b2a845.gif
sync.adprime.com/ Frame 6ECC
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=1B0D5B12-1453-4D2F-8696-FEB0364AF283&rurl=https%3A%2F%2Fsync.adprime.com%2F09c8e2eece5857c291d6efc800b2a845.gif%3Fpuid%3D%24%24visitor_cookie%24%24%26red...
  • https://sync.adprime.com/09c8e2eece5857c291d6efc800b2a845.gif?puid=7ff49eab67024c54a7890b953eaa414b&redir=[RED]
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adprime.com/09c8e2eece5857c291d6efc800b2a845.gif?puid=7ff49eab67024c54a7890b953eaa414b&redir=[RED]
Requested by
Host: sync.adprime.com
URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
8.2.110.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adprime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 03:40:29 GMT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0

Redirect headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.adprime.com/09c8e2eece5857c291d6efc800b2a845.gif?puid=7ff49eab67024c54a7890b953eaa414b&redir=[RED]
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
usermatch
ssum-sec.casalemedia.com/ Frame 26AA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
21620cc80d3b8bca8d1d7ee73fa84b702ce118f32435a28f76f47c7842108dea

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
824bc0fb9e19429a-EWR
content-encoding
br
content-type
text/html
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTsyqSLcp3aUNrg2CN%2FSgB7B3Ve%2FAiLrdivBGgDI9Ut%2FggIZSMIaMRNHqhTaGNjSgTw%2FHJg4RHvjrdtYoo6qyCRXbomLUJsynWI3mvVlaKlapKxfck1Mn5KZLu1quQ5vNSXxoaXAfpAlXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 26AA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVBJLblgRNAt3w40tQzoJQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqQ-cwyaEzd691N_OPm578&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqQ-cwyaEzd691N_OPm578&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2Js%2BzYQW5vjvqbgVKfPtN%2F2aQ8Me3Pldq15ho6OpHgCo9qK1QVHaE5td6PoIFknHJj8lEDRic4X%2B%2FpxwBlAmsjHmTKRbap1IYxDemZz9UWPMmMWtiPgTjpPiPWYEMjvRTXp3xYFoVKviA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fc9ef1429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqQ-cwyaEzd691N_OPm578&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 26AA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7951105042517337080
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7951105042517337080
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFFuHTh2lMcjLK%2BRcKt1GrhXtm96YMKj0bQpVJMOGZ17pkp4ugTrSUG4JvNIlx8NOrne4IQXV9Pva5FibR96PsTQaVe6zdhD4oVt9xC0xODtajT6yFIcl5fwp7Wtd0sGW%2BrK9cagrxkZMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fc385c42ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
an-x-request-uuid
14c5ebb6-4876-4c5a-a30e-4d3c5406a589
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7951105042517337080
x-proxy-origin
5.181.234.134; 5.181.234.134; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 26AA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:1404:5fed:fb6f:9150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 26AA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=KfKztCv-tOAy8bKwLP6rvCuh4OIypbGyLqEDHqJ2
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=KfKztCv-tOAy8bKwLP6rvCuh4OIypbGyLqEDHqJ2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FI0Piz7%2BN5m%2BPdZ4yK%2BjarjEn1hHsHCPwuyA2dRYfECLp1ezeXzzftTa1n5uQohVk9zzCm455XzaheFwFKAg3qTIPypqSvn0JwT5ztMhv%2FFPjr%2FJmPIQG3qUp7HG87dHJ8lSEMpLMzVatw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fc385f42ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=KfKztCv-tOAy8bKwLP6rvCuh4OIypbGyLqEDHqJ2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 26AA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYaU7KoJIAABY6SAH-Ew&expiration=1700970029
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYaU7KoJIAABY6SAH-Ew&expiration=1700970029
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mF9TZqxNlxlS0%2FI3QlEE9wp8byr%2FXnM62%2BLbqeMQgj%2BVHMWplEWO2Jw%2BMMI3P5aINruajnrEEyeYcn83ScCnR%2FYXtLUKx%2FchqNEcpP3agANNB%2FI2UwA9EgZmtc53aOocSxnnt4AS%2F7Wd9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fc385e42ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYaU7KoJIAABY6SAH-Ew&expiration=1700970029
Date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 26AA
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=527678018558166081
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=527678018558166081
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FTn0xoQcxSV7VIACuep2eG8s7IFR2PmuXw%2FcB3tTpWgMEMoLu14zl9Ge6yjryr7JJfWrqPlCw%2FARG5zTa9eYXdK2rYBu2x%2FBqILu0Dt9jzjIs68GBnS33iaencfT%2BkUmIgp9aYKiuXvTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fc385d42ef-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=527678018558166081
Date
Sun, 12 Nov 2023 03:40:29 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 26AA
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=ac2c51eb99df4307b10c426e4ac928b3&expiration=1702352429
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=ac2c51eb99df4307b10c426e4ac928b3&expiration=1702352429
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZlI6%2BxQ6Cd1smO%2FW7n%2BUyJSEF3ZJfecJov%2FhyxE7%2FkWkfVe9ZbsDwYE%2FSP051NwN8laMeALwLjzIHcvUpLK3SeTtKVGxKfePpSgeF84rUF86SyDbjr%2FxhJZSdaZbqndKgvdZpIcjTIZxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fc9ef4429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:28 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=ac2c51eb99df4307b10c426e4ac928b3&expiration=1702352429
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 26AA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662078219196685
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662078219196685
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zl6JpZfz5gH%2BkAj1OpHv8kzv%2Fsg4z6o2rrn3%2BZWv%2BaaGtUxZ6B%2BIfvEanKeL%2BhY7zakeTciMeu6TufrwoDx3WC0yOY%2B1ernv8gyY4HSvL8jOLkSBqRcWo5tcyRYLvurjxivuJhUpnvZJtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fdb816429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
382
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662078219196685
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
824bc0fd2da44388-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 26AA 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVBJLblgRNAt3w40tQzoJQAA%26518
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
55682
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
824bc0fc3b024309-EWR
content-length
43
expires
Mon, 13 Nov 2023 03:40:29 GMT
cksync
cs.media.net/ Frame 48C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyNzYyMDI5MDgxMzQ5MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKpGBMQOiDy0bCYmrguVPTs&google_cver=1
53 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKpGBMQOiDy0bCYmrguVPTs&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCS6QV3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.199.48.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sun, 12 Nov 2023 03:40:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKpGBMQOiDy0bCYmrguVPTs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=38584006&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699760429534&ns_c=UTF-8&c7=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&c8=Drugs.com%20-%20Prescription%20Drug%20...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=38584006&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699760429534&ns_c=UTF-8&c7=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&c8=Drugs.com%20-%20Prescription%20Drug%2...
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=38584006&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699760429534&ns_c=UTF-8&c7=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&c8=Drugs.com%20-%20Prescription%20Drug%20Information&c9=
Requested by
Host: qw.jinghuashuiyao.xyz
URL: https://qw.jinghuashuiyao.xyz/
Protocol
H2
Server
18.239.83.91 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qw.jinghuashuiyao.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-amz-cf-id
uDKjyC-uXMx-dzUV4N59P9dFMPnjpF7-gfXyXIgVE158QK9UZjMMZw==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=38584006&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699760429534&ns_c=UTF-8&c7=https%3A%2F%2Fqw.jinghuashuiyao.xyz%2F&c8=Drugs.com%20-%20Prescription%20Drug%20Information&c9=
content-length
0
x-amz-cf-id
JLdAwrgvXGbkF3a9hRm5VB8yLhYyruvaTi8fgSEZ7iWmJZfWmb13_g==
setuid
pbs.nextmillmedia.com/ Frame DE06
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=adnxs&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=7951105042517337080
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7951105042517337080
86 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7951105042517337080
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.169.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-169-166.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sun, 12 Nov 2023 03:40:29 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7951105042517337080
server
fasthttp
/
hde.tynt.com/deb/ Frame 2A64
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_pr...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1667
content-type
text/html
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sun, 12 Nov 2023 03:40:28 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
setuid
pbs.nextmillmedia.com/ Frame 44A8
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e
86 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.169.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-169-166.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sun, 12 Nov 2023 03:40:29 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=6d1855a9-26f0-453b-bc73-d2a6d2528e8e
server
fasthttp
usermatch
ssum-sec.casalemedia.com/ Frame 9767 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
284729678dfc14f2980af6144dd48d19b247d90a5d83961cb9d46c2f038e06a7

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
824bc0fd3f9b429a-EWR
content-encoding
br
content-type
text/html
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BDgX%2BSwzYjo3tltcCkEeRjW3UMpXWkRIyoZ%2BbuhchvTS6LNE%2B2S4TeYSEANOXBw8lLXGMkYx3XSvzoVorH%2BoLHWJCy%2FB8Je30ERpHH1ktORlKDYVqMUvo2TtvoFpYCo5br%2F7ArOCUA1DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2DDB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.253.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-253-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Nov 2023 03:40:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 12 Nov 2023 03:40:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
0
prebid.a-mo.net/cchain/ Frame B00F 		2 KB
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
94cebc3273bb486f6bd6f02ded1a97988f02bd736da0ba45ca2a2cfbc0378cbf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
639
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 03:40:28 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
match
c1.adform.net/serving/cookie/ Frame 4A0E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%...
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2480975299383853849&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
0
0
setuid
pbs.nextmillmedia.com/ Frame A37F
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=fd814904-6659-49a4-b9d4-43a8f8490919&gdpr_consent=null&gdpr=null
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=fd814904-6659-49a4-b9d4-43a8f8490919
86 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=fd814904-6659-49a4-b9d4-43a8f8490919
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.169.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-169-166.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sun, 12 Nov 2023 03:40:29 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sun, 12 Nov 2023 03:40:29 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=fd814904-6659-49a4-b9d4-43a8f8490919
server
fasthttp
cframe.js
assets.a-mo.net/js/ Frame B00F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
JFK52-P2
age
438
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 10 Nov 2023 21:39:25 GMT
server
cloudflare
etag
W/"e2f56d1cfe0ced695b08937b5b3e1e27"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
824bc0fdce2a42af-EWR
x-amz-cf-id
kCzWxsSqRkSHLc7RpaGTT1kkt5FZJMoXUgLcv9Oi1XDJX6l6bOt7KA==
expires
Sun, 12 Nov 2023 04:40:29 GMT
usync.js
eus.rubiconproject.com/ Frame 2DDB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.253.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-253-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
64495d1b9a11f0bbf0601078753d0cea1f987dc62406ba5b5209339ecda7df91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 03:40:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 00:54:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76428
Connection
keep-alive
Content-Length
13280
Expires
Mon, 13 Nov 2023 00:54:17 GMT
ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9767
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:1404:5fed:fb6f:9150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB
date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 9767
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4cab2f12bd041305&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF_WCOsKyEtwM064wNAAAAAAA&expiration=1699846829&is_secure=true
43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF_WCOsKyEtwM064wNAAAAAAA&expiration=1699846829&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pChHEkonyyGfPAUEed9zrEmnAFta6bZVc%2B3ueQrvnWzrEOdTGESJXLP7oezSDHhWpYd%2BZX8nNBsTx6uT4M7RghYblcDNDuZtMSzFEArQa4FTrtkqkFCyt2BHQ82UYyhNlpeoJWXR"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fdc81d429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF_WCOsKyEtwM064wNAAAAAAA&expiration=1699846829&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 9767
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715485229&external_user_id=852a99d1-1ae9-4f6d-a492-47f416100a17
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715485229&external_user_id=852a99d1-1ae9-4f6d-a492-47f416100a17
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JQKRnhG1i1ssDV%2FGtRDxALGQHGbLrf00s3qgR2EoF5oj%2FgIEt3JI%2FyxXqtDFW8f9TNeAdRTFt0mdzN9WXDKWQwVMMJ%2BGRDc27Mh%2BlgKEGsak8VnEjneI3MryA3M6aUv3Tv24tN2jC75Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fdd833429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715485229&external_user_id=852a99d1-1ae9-4f6d-a492-47f416100a17
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 9767
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2480975299383853849
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2480975299383853849
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTSz4H5%2BPqj5bolhdxW2TSz8ePmDMkOCz7%2Bk6e8csElvufi7TD0zcBqE3WmlSuXb1e1MJoPm6ymtmOM1wBjEMQzSPjpejyi2893k9KxG1tbO2%2Bw6f35Gw9BWeBxEM%2FlnRKdw3NqPfF4t6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fda80d429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2480975299383853849
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame 9767
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f7d9b090-ba3f-3671-37f46755
43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f7d9b090-ba3f-3671-37f46755
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kwM1nu7s3FVOYtQK0hi6hH0aY%2B%2B7JIbCfXJbxtULHX3mXbzlgCMn9H4adxupuBNJwSqXXVjiQctX4M8u9t%2BDu7znrR2o6cvgbml%2BiRJkl0vhCmZwStUwbYsSHR%2BeF7dPL9DfojM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fdd828429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 12 Nov 2023 03:40:29 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f7d9b090-ba3f-3671-37f46755
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9767 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVBJLblgRNAt3w40tQzoJQAAAgYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:1404:5fed:fb6f:9150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 03:40:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 9767
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TsQVy5XhU41iMArRnN9PSgW16oY
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TsQVy5XhU41iMArRnN9PSgW16oY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdDarSam4y5ksIjYESup8n1k9p47QPfroE7Zcgf5IFmZJniZWp5EPVyzIiXG72M%2F2Ox11KV8xg7a%2FW19XicxcTN9VjIy2YApQ9GE%2BbSqtC5N%2BhOwo1jXueZl9cCq18OGZWNYFT2KB0vZJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fda806429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TsQVy5XhU41iMArRnN9PSgW16oY
Date
Sun, 12 Nov 2023 03:40:29 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 9767
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=397e85c6-810d-11ee-b26a-b7870c09b7e7
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=397e85c6-810d-11ee-b26a-b7870c09b7e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0yeOwva8ORFPWnrp8r73jubl%2F2NpoUK5TbHB%2F3QFL8tURHxyxkHJECp2DW3LBJdIJHP7nfCrF89N1L0OXz7c9a%2BBrzjLM8%2FO7WIUhdlwra1l7Icz5kQEtI86mQCKulRKAX27F5t3OsNmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
824bc0fda804429a-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=397e85c6-810d-11ee-b26a-b7870c09b7e7
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-2
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
pbs.nextmillmedia.com/ Frame 9767
Redirect Chain
  • https://cookies.nextmillmedia.com/setuid?bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZVBJLblgRNAt3w40tQzoJQAA%26518
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZVBJLblgRNAt3w40tQzoJQAA&518
86 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZVBJLblgRNAt3w40tQzoJQAA&518
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Server
44.210.169.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-169-166.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 12 Nov 2023 03:40:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZVBJLblgRNAt3w40tQzoJQAA&518
date
Sun, 12 Nov 2023 03:40:29 GMT
server
fasthttp
content-length
0
khaos.json
token.rubiconproject.com/ Frame 2DDB 		7 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOUXGXA5-B-CIIH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2DDB 		0
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame EF57 		0
0
/
ssc-cms.33across.com/ps/ Frame 0281 		0
0
/
ssc-cms.33across.com/ps/ Frame 2A64 		0
0
sync
x.bidswitch.net/ Frame 2A64 		0
0
sync
ups.analytics.yahoo.com/ups/58350/ Frame 2A64 		0
0
current
33across-match.dotomi.com/match/bounce/ Frame 2A64 		0
0
getuid
eb2.3lift.com/ Frame 2A64 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssp.api.tappx.com
URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1352
Domain
atemda.com
URL
https://atemda.com/UserMatch.ashx?bidderid=97&bidderuid=c4oQ0PzSADVr
Domain
i.liadm.com
URL
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&pid=500040&it=1&iv=62afbe01-4457-4306-9b9f-9bfa2937a561%3A1699760429.7300751&_=1699760429.7336535
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/bid?advid=5771&bcid=c4oQ0PzSADVr
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D563074%252526ev%25253D%252524UID
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=4ad58a12-9b25-4842-87b3-b830733bc736
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&nmuid=&khaos=LOUXGXA5-B-CIIH
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1699760429819.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?_=1699760429819.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
Domain
33across-match.dotomi.com
URL
https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture number| SITETIMING object| SITECONFIG object| dataLayer object| _comscore object| pbjs object| googletag object| pbjsChunk object| _pbjsGlobals object| mnet object| confiant object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| docereeBaseUrl undefined| cdp function| initDoceree function| initializeDocereeCookie function| setDocereeContext function| removeDocereeContext function| getCookie function| docereeLogMessage function| saveDmdInfo function| sendDmdData function| getPlatformUid function| validateHistoryValues function| fireAction function| startDocereeSession function| endDocereeSession function| setDocereeAttributeAge function| setDocereeAttributeGender function| setDocereeAttributeLabTest function| setDocereeAttributeLabTestHistory function| setDocereeAttributeInsurance function| setDocereeAttributeDiagnosis function| setDocereeAttributeDiagnosisHistory function| setDocereeAttributePrescription function| setDocereeAttributePrescriptionHistory function| setDocereeAttributeTemperature function| setDocereeAttributeBP function| setDocereeAttributePulse function| setDocereeAttributeRespiration function| getUserContext function| dispatchUserAvailable object| AIM_160 object| DDC function| DDC_SUBSCRIBE_RECAPTCHA_LOAD object| _0x51e0 function| _0xeeb4 object| apstag object| nmmRefreshCounts number| google_unique_id object| gaGlobal function| confiantDfpWrap object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_tag_manager string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| gaData

154 Cookies

Domain/Path Name / Value
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 1
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2023-11-13 03:40:23"
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxDHFg
.jinghuashuiyao.xyz/ Name: pbjs_sharedId
Value: 37245b9a-c3e8-476c-8306-d3e1517eac51
.jinghuashuiyao.xyz/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
qw.jinghuashuiyao.xyz/ Name: _sess
Value: 06a872a8-6054-4147-b772-561c7b055fce.cf85595a-b76e-4a66-b68b-8cc67817b44c.1699760423.1
qw.jinghuashuiyao.xyz/ Name: dmd-vid
Value: cf85595a-b76e-4a66-b68b-8cc67817b44c
qw.jinghuashuiyao.xyz/ Name: dmd-sid
Value: 06a872a8-6054-4147-b772-561c7b055fce
qw.jinghuashuiyao.xyz/ Name: _docereeDmdContext
Value: JTdCJTdE
.doceree.com/ Name: _docereeInit
Value: eyJwbGF0Zm9ybVVpZCI6ImExZWM4NzlhLTAzODgtNDc4Yi05MjM3LTlkMDU4ZDhhYmM3MCIsInZlcnNpb24iOiIwLjEifQ==
.www.medtargetsystem.com/ Name: s-DMDSESSID
Value: 8d6763f79af9a0ae38065df5e5f8ce5c
qw.jinghuashuiyao.xyz/ Name: _docereeId
Value: {"platformUid":"a1ec879a-0388-478b-9237-9d058d8abc70","version":"0.1"}
qw.jinghuashuiyao.xyz/ Name: PHPSESSID
Value: 7752a18edd083fcf911dd4dc7a2ecfb7
.thrtle.com/ Name: mc
Value: eyJpZCI6Ijg3ODllMDg0LWNjYWItNGM4Yi1iNzliLWNlNGNiMDAwMzczOSIsImwiOjE2OTk3NjA0MjMyOTUsInQiOjF9
.liadm.com/ Name: lidid
Value: 37a8c340-c527-456b-ba7d-bf5ac823c3bf
qw.jinghuashuiyao.xyz/ Name: dmd-ahk
Value: b9b8d75dfe
qw.jinghuashuiyao.xyz/ Name: dmd-signal-160-2655-D7D48E5B-06a872a8-6054-4147-b772-561c7b055fce
Value: e30=
.adnxs.com/ Name: uuid2
Value: 7951105042517337080
.contextweb.com/ Name: vf
Value: 1
.contextweb.com/ Name: V
Value: c4oQ0PzSADVr
.contextweb.com/ Name: wf
Value: 0
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 347850=5712700
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 4345599828454128829
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501&c=1&l=908530559&lo=-1530083348&lt=638353572238146761&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501
.rubiconproject.com/ Name: khaos
Value: LOUXGXA5-B-CIIH
.jinghuashuiyao.xyz/ Name: __gads
Value: ID=67a4ce0aefa9ca97:T=1699760424:RT=1699760424:S=ALNI_MafWh8np1U0H3xUYP9XiNSRyWk9hQ
.jinghuashuiyao.xyz/ Name: __gpi
Value: UID=00000cd7932ab697:T=1699760424:RT=1699760424:S=ALNI_MauWMnjT-xAUMf1wq6dSGtmQIKFDA
.doubleclick.net/ Name: IDE
Value: AHWqTUkX3gRu1UqaYPjsU1BwTXdNKxHEhOrL5d8quFpcnIELIjIFjFhK9KxAGXIQmis
.adrta.com/ Name: __aavi
Value: 16645314864456527694
.adrta.com/ Name: __aavt
Value: 1699760425880
.adrta.com/ Name: __aasi
Value: 13439324605557322361
.adrta.com/ Name: __aast
Value: 1699760425880
.gumgum.com/ Name: vst
Value: u_e794f4a3-a55a-4747-9006-94aff851980e
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 24200e43479dd2c8
.deepintent.com/ Name: CDIUSER
Value: di_ba044e0be2b54ac69ed7a
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231112%22%7D
.adsrvr.org/ Name: TDID
Value: 59101c9a-21ec-4bd8-91fa-67f15008d9f8
.openx.net/ Name: i
Value: 876ae53f-36e8-4925-8d29-da5b372e7ffe|1699760425
.yahoo.com/ Name: A3
Value: d=AQABBClJUGUCEIDWZhrTp3DdM_JQokNeo4wFEgEBAQGaUWVaZQAAAAAA_eMAAA&S=AQAAAo6fHymq-d80J7I4vpTliTY
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a.ThMKHCuF%2FJiNjxJhTPfbakT3gEbx7tQi6GLJSli%2BVUs
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a.ThMKHCuF%2FJiNjxJhTPfbakT3gEbx7tQi6GLJSli%2BVUs
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%2BfnxOCMamrAGqlyxwUBXZLx5g4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%2BfnxOCMamrAGqlyxwUBXZLx5g4
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEgH5wOz9NO5PStU46rmbXzsJbTOzAYU5i4bqwST5fnMEHwYBCCpksGqBjABOgRzygDyQgTgz1yo.8eXC0Xk%2F4X4BwBFS6KdFiLPpWZyk%2Feqo%2FJpgHjB8kn0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEgH5wOz9NO5PStU46rmbXzsJbTOzAYU5i4bqwST5fnMEHwYBCCpksGqBjABOgRzygDyQgTgz1yo.8eXC0Xk%2F4X4BwBFS6KdFiLPpWZyk%2Feqo%2FJpgHjB8kn0
.ipredictive.com/ Name: cu
Value: 8392f24d-0ada-490b-952e-a47ef9697103|1699760426004
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D73D9093-D4FA-4908-93A7-01F9CAFE2D97
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1700956800%3A201_263%7C1699833600%3A248%7C1700352000%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1700956800%3A54_250_166_220_13_71_3_21%7C1700352000%3A15_223
.creativecdn.com/ Name: u
Value: 8iQJo75xKHHZcSBtPQec
.creativecdn.com/ Name: ts
Value: 1699760426
.bidswitch.net/ Name: tuuid
Value: 8ff7d1ad-ee40-440e-b87d-ed3aa3fae47a
.bidswitch.net/ Name: c
Value: 1699760426
.bidswitch.net/ Name: tuuid_lu
Value: 1699760426
.mediago.io/ Name: __mguid_
Value: 4df39c4964116d3e27lili00louxgytf
.zemanta.com/ Name: zuid
Value: -yMsTCpHscGH03KPptyz
.bidswitch.net/ Name: google_push
Value: AXcoOmS1-gie8pzN3pIj3bTyw6OHHAIr505FF2W4wROsw1X9YXKljh7KQjGfDfDymmFh6MklR2yn6wL0HxgtjtD60i41MJ-8QCJTOA
.tapad.com/ Name: TapAd_TS
Value: 1699760426641
.tapad.com/ Name: TapAd_DID
Value: dd1d3d63-2c54-42e7-8ac9-4dc323055116
.dotomi.com/ Name: DotomiTest
Value: 2b9b8d5915f714fd
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129Q-JqCgNyMl0DSo2KY2MynPxzUmLCg3iNTSztDQ3MzAxMjMzM3nFiMI3BQDtLfldPQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSMjUyNzO3MDC0MDW1MDQzM7AwFOIz1PWpLHZMLI-IMk4OLAQA_9WqTyQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSMjUyNzO3MDC0MDW1MDQzM7AwFOIz1PWpLHZMLI-IMk4OLAQA_9WqTyQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129Q-JqCgNyMl0DSo2KY2MynPxzUmLCgUAhRUz8B4AAAA
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-59101c9a-21ec-4bd8-91fa-67f15008d9f8&KRTB&22918-59101c9a-21ec-4bd8-91fa-67f15008d9f8&KRTB&22926-59101c9a-21ec-4bd8-91fa-67f15008d9f8&KRTB&23031-59101c9a-21ec-4bd8-91fa-67f15008d9f8
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7951105042517337080&KRTB&23339-7951105042517337080
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEM67FQZn8rHs_3PYH--VH4k&KRTB&23025-CAESEM67FQZn8rHs_3PYH--VH4k&KRTB&23386-CAESEM67FQZn8rHs_3PYH--VH4k
.pswec.com/ Name: tuuid
Value: f8c9c27c-3f1e-4d84-81f6-a047fb3eba5c
.pswec.com/ Name: c
Value: 1699760426
.pswec.com/ Name: tuuid_lu
Value: 1699760426
.3lift.com/ Name: tluid
Value: 4355242305602518948077
.teads.tv/ Name: tt_viewer
Value: c497fb38-bd4e-4fb3-8da1-036b2cb4363d
.openx.net/ Name: pd
Value: v2|1699760426|vMgavPkWgyiK
.turn.com/ Name: uid
Value: 2480975299383853849
.simpli.fi/ Name: suid
Value: 0E8E1034CA8A4DDA81839A2628FF3ECF
.bidr.io/ Name: bito
Value: AADYaU7KoJIAABY6SAH-Ew
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHiu0Dtfg7QQMMQempAAAAAAA&KRTB&22713-AAAHiu0Dtfg7QQMMQempAAAAAAA&KRTB&22715-AAAHiu0Dtfg7QQMMQempAAAAAAA&KRTB&23519-AAAHiu0Dtfg7QQMMQempAAAAAAA
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNzk1MTEwNTA0MjUxNzMzNzA4MCIsImV4cGlyZXMiOiIyMDIzLTExLTI2VDAzOjQwOjI2LjQzMDgyMjY1OFoifSwicnViaWNvbiI6eyJ1aWQiOiJMT1VYR1hBNS1CLUNJSUgiLCJleHBpcmVzIjoiMjAyMy0xMS0yNlQwMzo0MDoyNC4zOTI5MTU0MzRaIn0sIm9wZW54Ijp7InVpZCI6IjZkMTg1NWE5LTI2ZjAtNDUzYi1iYzczLWQyYTZkMjUyOGU4ZSIsImV4cGlyZXMiOiIyMDIzLTExLTI2VDAzOjQwOjI2LjcwMjI2ODQ4MVoifSwiZ3VtZ3VtIjp7InVpZCI6InVfZTc5NGY0YTMtYTU1YS00NzQ3LTkwMDYtOTRhZmY4NTE5ODBlIiwiZXhwaXJlcyI6IjIwMjMtMTEtMjZUMDM6NDA6MjUuOTE1Mzk0Mzg3WiJ9fX0=
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:0E8E1034CA8A4DDA81839A2628FF3ECF&KRTB&23486-uid:0E8E1034CA8A4DDA81839A2628FF3ECF&KRTB&23489-uid:0E8E1034CA8A4DDA81839A2628FF3ECF&KRTB&23539-uid:0E8E1034CA8A4DDA81839A2628FF3ECF
.pubmatic.com/ Name: PugT
Value: 1699760425
.amazon-adsystem.com/ Name: ad-id
Value: Ay9ujd-nqEC-paKzhm48j6E
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7587
.adx.opera.com/ Name: UID
Value: OPU8b2a8d23db0e4adb9a1a5f43af797e6e
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVBJKgAA_NSVfwBf
.openx.net/ Name: univ_id
Value: 537072971|59101c9a-21ec-4bd8-91fa-67f15008d9f8|1699760426731537
qw.jinghuashuiyao.xyz/ Name: _lr_sampling_rate
Value: 100
.adform.net/ Name: C
Value: 1
.technoratimedia.com/ Name: tads_uidp_16
Value: 1546225823520
.technoratimedia.com/ Name: tads_uidp_37
Value: eac3d836-900c-3f09-8e83-4295706f8db4
.technoratimedia.com/ Name: tads_uidp_44
Value: LOURR4O8-M-8WEG
.technoratimedia.com/ Name: tads_uidp_45
Value: B2DD13E4-FF1C-4B30-B4CE-1CEB0560DB4C
.technoratimedia.com/ Name: tads_uidp_46
Value: 338155640734595054
.technoratimedia.com/ Name: tads_uidp_48
Value: 4f8250bc-5c23-440e-ba69-8059c4618a92
.technoratimedia.com/ Name: tads_uidp_49
Value: AQEI0lnlhlZg5wI3aNORAQEBAQE
.technoratimedia.com/ Name: tads_uidp_50
Value: 1a1e5059-04f7-0473-2dbd-e7f286c9a469
.technoratimedia.com/ Name: tads_uidp_61
Value: 212228714653042
.technoratimedia.com/ Name: tads_uidp_62
Value: 3427524230813239000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: rAljNyjG_iaXcx--zBQSyH31p1x8uZut
.technoratimedia.com/ Name: tads_uidp_7
Value: cb668a03-a72c-4df1-bc81-5bf34ed7eea6
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673920153159-980523061937-008669-012-007666
.technoratimedia.com/ Name: tads_uidp_73
Value: AADYaU7KoJIAABY6SAH-Ew
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-10403a79-f36b-43fb-b53f-4cb938e92dad-005
.technoratimedia.com/ Name: tads_uidp_77
Value: 5jM0JETrx8fmjxZvkfryLVGn7LB1_qziqm1lnW_eEOI
.technoratimedia.com/ Name: tads_uidp_79
Value: 532b08b1-2ae9-43e9-9eee-060569eb55fb
.technoratimedia.com/ Name: tads_uidp_80
Value: y-EKNQy9RE2uG2YM78wlMVqodvh3SsjGeZ~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZVAjp93YcH.TGcqb-JJGTgAA&151
.technoratimedia.com/ Name: tads_uidp_83
Value: BzKIS13TXEMI
.technoratimedia.com/ Name: tads_uidp_88
Value: 1535162024934616018065
.technoratimedia.com/ Name: tads_uidp_90
Value: ebe86d2e-fcbd-4e11-bc90-0f73c18c8208
.technoratimedia.com/ Name: tads_uidp_91
Value: 6036790348656135630brt77751645033995481903ac
.technoratimedia.com/ Name: tads_uid
Value: 2C61E9DF353D4A649FEA6028B8CD8B11
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221201185456+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1695315288565
.smartadserver.com/ Name: csync
Value: 127:AADYaU7KoJIAABY6SAH-Ew
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nxy|7dN.0.AADYaU7KoJIAABY6SAH-Ew|7bq.0.1
.adform.net/ Name: uid
Value: 4384418451717776352
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADYaU7KoJIAABY6SAH-Ew
.socdm.com/ Name: SOC
Value: ZVBJKsCo5ukAAMZ9xLkAAAAA
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiW46HC5M6xPBAFEhYKB3J1Ymljb24SCwiGusnL5M6xPBAFGAEgAygCMgsIotmk7_rOsTwQBTgBWghwdWJtYXRpY2AC
.connatix.com/ Name: cnx_userId
Value: 3495149d5a964f3384bbb8bca6ed5126
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 56f711a4-e678-4968-8ec2-c964d4dd9e9d
.prebid.a-mo.net/ Name: sd_amuid2
Value: 56f711a4-e678-4968-8ec2-c964d4dd9e9d
.linkedin.com/ Name: bcookie
Value: "v=2&4f16ae9a-c867-4572-87b3-3b4182d26247"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2675:u=1:x=1:i=1699760427:t=1699846827:v=2:sig=AQG9j05XSrs59qpOjr98XJPcc-NoA-u-"
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2f03:18vk~2f03:19e0~2f03"
.lijit.com/ Name: ljt_reader
Value: HpE8aQZHnRJctJIFQjSuVZ6Z
.lijit.com/ Name: _ljtrtb_80
Value: LOUXGXA5-B-CIIH
.hb.yahoo.net/ Name: visitor-id
Value: 3427620270813464000V10
.hb.yahoo.net/ Name: data-mag
Value: LOUXGXA5-B-CIIH~~63
.rubiconproject.com/ Name: audit
Value: 1|n3IPK3IAUJwk+xdgDhWxOcBeZVex1eBZeLBCdMJsHS6MaGpsUGBQ3hYoQNxy4fhpizAezpieVVFCqQ3+tQhlLHMDvubSxZCG04CmSKk9H33jVCJuaaXXCL/h6LCvxMIAxGZLyAazrKWDJhd/x3vkRC6wWg9JtwaL0fNcWZbUFu71oS+QxTio6p/UU7oAhy00qZ633TjbtpOB2bYzem0piw==
.adnxs.com/ Name: anj
Value: dTM7k!M40DF7/.XF']wIg2E>><cl_a!@wnf-Te9(S@n$G2lWU]s+KO1nC%wp[uCNLr06f]^c7f9@K[=Z:4=sB!?SEEF+mt6
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPVVhHWEE1LUItQ0lJSCIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDAzOjQwOjI3WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTEyVDAzOjQwOjI3WiJ9
.primis.tech/ Name: csuuid
Value: 6550492c16e54
.jinghuashuiyao.xyz/ Name: _ga_NC862DPYNN
Value: GS1.1.1699760428.1.0.1699760428.60.0.0
.jinghuashuiyao.xyz/ Name: _ga
Value: GA1.2.1469202067.1699760424
.jinghuashuiyao.xyz/ Name: _gid
Value: GA1.2.1868792809.1699760428
.jinghuashuiyao.xyz/ Name: _gat_UA-78451-2
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1699730692
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: CNC3PmUPrL
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdk1iWEhI
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 95808134#1699760428808#0#1699760428808
.intentiq.com/ Name: intentIQCDate
Value: 1699760428810

12 Console Messages

Source Level URL
Text
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20D73D9093-D4FA-4908-93A7-01F9CAFE2D97&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://qw.jinghuashuiyao.xyz/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1352' from origin 'https://qw.jinghuashuiyao.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1352
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Message:
Mixed Content: The page at 'https://sync.adprime.com/iframe?pbjs=1&coppa=0' was loaded over HTTPS, but requested an insecure element 'http://s.adtelligent.com/sync.html?aid=798038'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Message:
Mixed Content: The page at 'https://sync.adprime.com/iframe?pbjs=1&coppa=0' was loaded over HTTPS, but requested an insecure element 'http://inv-nets.admixer.net/adxcm.aspx?ssp=1B0D5B12-1453-4D2F-8696-FEB0364AF283&rurl=https%3A%2F%2Fsync.adprime.com%2F09c8e2eece5857c291d6efc800b2a845.gif%3Fpuid%3D%24%24visitor_cookie%24%24%26redir%3D%5BRED%5D'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Message:
Mixed Content: The page at 'https://sync.adprime.com/iframe?pbjs=1&coppa=0' was loaded over HTTPS, but requested an insecure element 'http://s.adtelligent.com/sync.html?aid=798038'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://sync.adprime.com/iframe?pbjs=1&coppa=0
Message:
Mixed Content: The page at 'https://sync.adprime.com/iframe?pbjs=1&coppa=0' was loaded over HTTPS, but requested an insecure element 'http://inv-nets.admixer.net/adxcm.aspx?ssp=1B0D5B12-1453-4D2F-8696-FEB0364AF283&rurl=https%3A%2F%2Fsync.adprime.com%2F09c8e2eece5857c291d6efc800b2a845.gif%3Fpuid%3D%24%24visitor_cookie%24%24%26redir%3D%5BRED%5D'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://x.bidswitch.net/sync?ssp=adprime&user_id=120c647e-ae55-46cb-8698-0c89808f2ac9
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync-service.net/user-sync?pl=community
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.chocolateplatform.com/bid?advid=5771&bcid=c4oQ0PzSADVr
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.colossusssp.com/pp.gif?puid=c4oQ0PzSADVr
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://us.ck-ie.com/adsd514.gif?gdpr=[GDPR]&gdpr_consent=[GDPRConsent]&us_privacy=[CCPA]&coppa=[COPPA]&puid=4ad58a12-9b25-4842-87b3-b830733bc736
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://tpc.googlesyndication.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f0772501ba38c43d1ce8092e0d1d020.safeframe.googlesyndication.com
33across-match.dotomi.com
a.rfihub.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.turn.com
adrta.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yieldmo.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
assets.a-mo.net
atemda.com
b1sync.zemanta.com
bh.contextweb.com
bid.contextweb.com
bidder.doceree.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cdn.confiant-integrations.net
cdn.indexww.com
cdn.mediago.io
ce.lijit.com
check.analytics.rlcdn.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
contextual.media.net
cookies.nextmillmedia.com
crb.kargo.com
creativecdn.com
cs.chocolateplatform.com
cs.media.net
csync.loopme.me
de.tynt.com
delta.adprime.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gumlet.assettype.com
hb.minutemedia-prebid.com
hb.yahoo.net
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.mediago.io
inv-nets.admixer.net
ipv6.adrta.com
js-sec.indexww.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pbs.nextmillmedia.com
pippio.com
pix.adrta.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
protected-by.clarium.io
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
q.adrta.com
qw.jinghuashuiyao.xyz
r.bidswitch.net
r.turn.com
report2.hb.brainlyads.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servedbydoceree.doceree.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.api.tappx.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-service.net
sync-tm.everesttech.net
sync.adprime.com
sync.aniview.com
sync.aralego.com
sync.bfmio.com
sync.colossusssp.com
sync.e-planning.net
sync.intentiq.com
sync.ipredictive.com
sync.springserve.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
t.pswec.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.lhmos.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
us.shb-sync.com
us01.z.antigena.com
usersync.gumgum.com
www.drugs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.medtargetsystem.com
x.bidswitch.net
33across-match.dotomi.com
api.rlcdn.com
atemda.com
c1.adform.net
cs.chocolateplatform.com
eb2.3lift.com
i.liadm.com
pixel-us-east.rubiconproject.com
secure-assets.rubiconproject.com
ssbsync-global.smartadserver.com
ssc-cms.33across.com
ssp.api.tappx.com
ups.analytics.yahoo.com
us.ck-ie.com
x.bidswitch.net
104.18.36.155
104.18.43.90
104.21.8.235
104.67.4.192
107.151.11.58
107.178.254.65
13.224.68.54
13.227.219.17
142.250.65.194
142.251.40.226
147.135.119.114
147.75.195.55
151.101.2.49
162.248.18.37
172.240.155.68
172.64.146.152
172.64.149.180
172.64.151.101
172.67.27.232
172.98.26.246
173.231.178.77
18.215.44.14
18.239.69.99
18.239.83.91
184.73.159.2
185.167.164.43
185.184.8.90
192.96.203.13
198.148.27.131
199.38.167.130
2001:4860:4802:32::181
204.62.14.190
207.198.113.203
209.54.182.161
211.120.53.206
216.219.92.22
216.22.16.53
23.105.12.136
23.199.48.228
23.199.48.23
23.206.252.26
23.206.253.109
23.23.163.185
23.37.113.154
23.4.226.82
23.44.201.234
23.92.190.68
2600:1f14:b4f:4b03:4a0d:9a74:130d:b53d
2600:1f18:4e9:5a07:1404:5fed:fb6f:9150
2600:1f18:612b:4264:5fe1:169a:9e33:a694
2600:9000:20a0:8c00:1a:5235:f980:93a1
2600:9000:20b4:4000:1b:6b7d:2300:93a1
2600:9000:2209:ee00:1b:5138:8a40:93a1
2602:803:c002:200::43
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:3037::6815:8eb
2606:4700:4400::ac40:95b4
2606:4700::6812:19ad
2606:4700::6813:9e13
2606:ae80:1451:24::730
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c08::9a
2607:f8b0:4006:807::2004
2607:f8b0:4006:809::2002
2607:f8b0:4006:817::2008
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:112:f002:bbbb::21
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2a04:4e42:200::300
3.133.242.36
3.225.218.10
3.86.121.216
34.102.246.198
34.111.113.62
34.111.60.239
34.120.63.153
34.133.71.175
34.160.19.107
34.196.44.50
34.198.202.75
34.225.59.34
34.235.210.13
34.96.71.22
34.98.64.218
35.172.99.217
35.186.193.173
35.190.60.146
35.208.249.213
35.211.118.13
35.211.178.172
35.214.250.169
35.227.252.103
35.71.131.137
35.71.139.29
38.68.201.140
38.91.45.7
40.76.134.238
44.195.14.13
44.210.169.166
44.220.12.129
52.2.255.128
52.206.230.220
52.22.89.222
52.222.139.117
52.222.139.15
52.222.139.24
52.5.102.125
52.6.167.249
52.7.125.92
52.71.198.74
52.71.54.14
52.73.162.54
52.87.59.166
54.152.100.178
54.80.222.112
54.84.92.154
54.85.123.12
63.251.86.51
64.74.236.31
67.202.105.22
67.202.105.34
67.220.226.232
68.67.160.117
68.67.160.26
69.173.151.100
69.173.151.96
74.119.119.150
8.2.108.194
8.2.110.13
8.2.110.33
8.28.7.81
8.28.7.83
8.28.7.84
80.77.87.89
82.145.213.8
96.46.186.182
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0436218419138292754d5968a694c514eacf1751c04afaed3e30f5a9ca86a2d4
046648fae0bbef38fa6460e3f50c14bf0827143b5d4afa99b672a28ecb60495f
04b25a258061062e91df449192ee34d3acaa705e056610f149a7f30efbff261f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05817eec44bc80fdde558b15bf0508294ab4493257de9478ad44cae5f41a9f47
069eeae174e8a30522dad9d4a449b254c7ad1b37afffa1f3c2c6b7f7a8b842a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba6d43a99b58111bd7c3a3407b59738cf2a6610889f98aaa17bedbf852071d5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c51e8021a39cec5fbf5c81f9d225f4b4fff3c0497caeadef6160f8b2d4dab5f
0cce65a7af35d9c1d116c51fb373b28a71e35d735e3d7adf3f87c45dd037c965
10be238c60be5bbaadb03278f672c655f482f5f0ab314c544e9f5bf8ec16c18f
154a0afe21a85b35aa5212399c2e830014aa8dd2121bc054d2b1d483ff3981ac
15fe7bce6923d72d971945bd9540dade79c0d3ef1d3b50dfe17414ce77b076c0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19a7a8422d8f83ddea562697a937aaddafcb0c3cf7aa4d6428624b4ff749b445
19c2a7ee0e630d3606f6b8b8de615420c28d7a79d2d4196e5bbc897b5379ca0e
1c97b291f30dafec3877840f45e38fc5040760d5d48054ec301860db2f47abef
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2023d33cdcbc92384e340071f2f3a3ccbbd62712f938b15cf1fe823f93cbca59
21620cc80d3b8bca8d1d7ee73fa84b702ce118f32435a28f76f47c7842108dea
24ef8beb4e30e846a576ba8b2d79d9f99ba9ab7c6b0e681f66868a220dd435a3
25a7097f69e4df69a8ca5325ad763a9b3ca032fdc0ad0b3a47c3c115ba70a242
267114d3550473bf50577e0b880b01e2f6cd808ce81464686328fc5bcbead673
284729678dfc14f2980af6144dd48d19b247d90a5d83961cb9d46c2f038e06a7
2918294956f940c1597da06736bd9d4d7ed30854692a5bbc6f62cedb14ed3c1f
29c6997ca7aad236319ab206986cf56fda0b507fd881c4f3728c2206052e9341
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
2c6309c794c03727a2a0a12d691b90ad9596ec646b4e8a91c41cd2c425a74a28
2c88cc4e711770b66108a4a4289d190669d0ce45cc7dd093ba957a3a59a07cf4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
302e6d877bdd1efc1480882f4107cac5dd53a010f580da8aa1e5ed3358c39dc2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33af25ea6e4ae295446ef900537c762bfc9b6cc8973d1bf64dd5da7f65c35a58
3537d60bb6a0b98aa78020257cf125782e5dee5b574a8a011004d47b4dd2927b
355b777aa74b2d41e9dc2ad7a862d121fe62efff1f1e3f6a49eb152be2f83e19
36473a2334c8454e35b18200de2aacd09ac2b9a786633f555ce4309aa15357ae
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3993e2c76f427551e636267998692d22c826d3a09312e50b8dda1cd88035dcc6
3b29f6e42e34899f35354677572a0f96a0219aaeee6491d8a796a2e55b9f100d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
429c156d5d150e5566bf354862140ec4560fc502590925f9ac723134784cb391
44bf16996f8ea27d0bf7445853ab7d2c0cbf8f08ec3e6b296e97743d83f4a2ac
457a6f9d3d9fb8802a3f1485e3a824e020aec0efd274f86e8d57541ddd2bfb16
4611c657652d0a2d8ed994dfb79a7a25aa0f88115f7071d82a4579adf201a485
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6c14652d27a6649bdddb19fbca07c59e88bba1bb08cc1edbd8dd7ac9241e11
53440d1a23f6042f7f5e6f7a015cca9f08c253f23e8cb85dbccc1c732942ea57
5439a02adb83f02029a408858ee77b02ce17bb75bb12fae41142a933078d2bf9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556fd7232f156150955b4e36d0d474e2efde5c9c191dd2e80aa48aecc44e93ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566e7d9dd5fa3c02b14b635aec3710d62bd06b1c5ada31a7b814cc62e1c0c403
57e397e034488b0a7258937098d406853e48c2a1b1e55ed04a883a78ce9e35df
5aa1aca02ae3f8c01293db6e61c6087fe70e1307023144c6cdbcd7161b51f661
5ba572ae6b4c4582da79bf2aa5d152a55cb3c1df71d81ac67b3354075b090ed7
5d1d3673c86b1a9123ecbaa9a4a1686686b473d52484025ce3144a831cba6071
5f1b19c236565ac55d17b578c7e1dbec67a1a82d41c01bb463595ffbaacfff66
6004a21148bd794cd3eee62b8b2fad2e61250849fc33028213f677328f9f9588
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
643da886b56a5f7c9178072d6e09ac2f8f3a0616c3ba77b26f23b8fe0f44248e
64495d1b9a11f0bbf0601078753d0cea1f987dc62406ba5b5209339ecda7df91
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
656e61a60bd2e6bdf0002cb97e161a166bbe102b56c5e80b18bca83637fa1dee
66cab6980c777d2dd90aaafb84228583ef72ce767173feedb1acba98f2ffe732
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c350bc38e552cfd95f7f921e35f606ac04c09f2d268a0b1b629e1566abd6c88
6d668fd0277565536711718c67a3dc95cd347b20e5ed46291d5adf6ee14b256a
6e25cd0705ed881fa8995f3884f919bfb1b8ab59f6fafabf08c7d9959dfa6f27
6f056cd93627af37e9c1b0ee1b14d46b55934141a38cf5f1836f4062d65cf4fc
70b7de7c12636a3d0620866c7c429c90f9c74a4607ee01cfe34cd9af3ebc9d12
734a70a732e64363af59212d72b9fa2134e30cd20f9d53396e931359c5b85be2
7c34644217dd611984ea41a320538b8b733034b46bfd20140a43e6cbafca11bf
7e38538f00bfc2ce1d678ccae963e6005b2a832fe14fb77b882388fe5ca5793a
7e63398a4709901a9ed37d81a8665c42f39b2fcf346edebddf087f47f506d555
7f1de85c4ff6082c076c544eb00a4b51ee994ff5b000f6665de1765c4f7638c2
7fc5d1a34635619097dfed02de576b2442fc152aa58d9348866d1610a78bf5ec
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8505fb533c87697fec648aa24869517b3370cafa071a8bdb065de434dfcbb58d
85264f584684170d9e8c1276e07af53e3fa24dfb099f6d57aad5814082b04305
8725ee1594d040c4c70772d9f5c3e6737d5bcd68abb95dc7402886d0f9f1e2a7
8804cf6c6fe16415f9c632483b7ba942d9cf6528a81faaac5c45631d47ef0d75
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94cebc3273bb486f6bd6f02ded1a97988f02bd736da0ba45ca2a2cfbc0378cbf
953291d59992873aecd4cd61074ca0b45d1467373916775a1bca84362ce88f4b
9609a8009222df24fc798caa921f29f0bb6d243181cd375a132fa992b1349ad0
9684535497c9f8d85b3d42198a55a330e4dec2422fd16181b77ddc20dc0fe22d
97e3f8c4fd789a1d66508457b8dee8c8057de37e5ac2dd265c4e58288b83a227
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c02ce70cc3fa8608657e8a8efec599a3e95d1c8fe781e8f30f54ca9ffb5cbd
9954fd3b52f278abc8dde86147713412ee6465da511c1d657e996cbcf325dad2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b90a9030c5ac8efca3c295514efb935f3a6941070185827428efea845343807
9ccaff3a6b3fc267980e2a91c0cddd41351e99d8aa171d65a0e5f2bff7df41ae
9d2093c5356a84a428ac01d530a776b7d3148e680c378d322fcf12796f54a580
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2191feadd12f1220f10c2e8f27f0f4bb27610614acfdd4041830baa076da8b6
a2da8919315fb8aa3ad2df275ce013efdaa08f1e4cf7638947de21e83f863ccf
a5947ce0ecf812b322381f0edfb123810cda973580ba806290b2d2419fbaced8
a6074e92dcd27d77d75203bc552e905d3437170d66509ad7d7253a8aed0ae78a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1c1e63a538a85f4503152c82646500e335afc4b00a3f1babdb88bb61bcd820
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd7e2ab52b63b70196a071cf307ea2ffe7db4600c5d8fff52462f0c4f6f367e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b158ba450d723a2aa4a4606f2ccf2e912cbc7172c9d3edd041aaf52028e6d3ee
b1eeec144b3df0ebf447aa9d858083a057037b3be912bf9f8ed3b955b58b0afc
b5c1f4d01973414023e9c25451a6828a5b030e0e04dc0e02c60b48f62fb50d19
b70160cad90376d811ed50a4dc3a94f2af4424a6547d3d045727fc9ce875a4b5
b92018605293c8ece49787c4f5a5f60094f0c456005fc7e3cf8765701e4c969b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb859d1e70b4e401a0a119f4d62620d6550375920b112bca287a21e0075d2140
bcbb2b9107029458f0760edfdf3c777e4b9226753ea82500373d6ee37dd6e1ce
bdc4614dfaa189dddcb1d7a60014e8553b5c378ad5778f2f9e4e2505507647ce
be93d0e46d4144c4b0b9cbda024955547af68c15c3748aebb7f860a4eda90ebc
bee39f9d832a241f2d48f7c48f31dd2b270b75ae1c5cdff370b32ebea8216928
bef87c02c246ac2790fe69c985f7747c57d2a7b47721cc0fb6e536e36cc13d16
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c44469349f017f41be684863526b97656bbda90042a78225b24b6ea7b51b0e44
c5adbcc6ae6b3759cd66bf89ab54d2c285be905ecee3d184bf6bf566c6d9c649
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b
c94c2f24613b00b6cfccb589e92a0ff1e7a36663b646599386f89227f1746635
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb5a1a8f21316aed98fe4b2857d98046758a8425da30ba1d43d8cc2af0af766c
cdf4b9289a5e3571bd55b941f67d4e2fe52b735b0ea762a20638c10b52e091ba
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d3dc179d84cb4d2a21efec8ef40d82909db25639ddda3cfa65249f6b0d1e1461
d90e19153cac7cd24627b7dbefa9b85405b713d538f67d7911dc0fb4752862b4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3771fa15f4d3c687eacf64bf959a2049bbb3dfa58e47e148176720dd2dfbc67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e465b69471756c44b36550bff5e1d6ad499d7266887fcf8abe8cbbcafa8b2f58
e80701786be134c36480da42d310f2d3e08dd6f15a75d9174d56cce9b79fe42c
ea3c2573e4e9381f3c49b607f5c8364a6977ab4bfa81ce93782e5c28691d7320
ea86c6cc46bed2cafa4ea4aa8ea822108328cde06f20e57f2d145ba5260145e0
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f257562e98da1043dd24551ce9f41f0851d211e7979b65b4d4bcf69776423ccb
f53c60ef8be6f024b095b7a29afb986feee3454ce153b9c6e86d939023bd350e
f7fbff0f47a646cd53cc5c4db6678fdeee4ad01a9cfe3a09b21caf1f311d0d1b
f946a259264a9bd695333cef2d44623d16fc37f1b75bd5a4291bbea807c381d1
f950b1273fa3d3aefd95c79cea8f6b372c662fc96c163d960cff78cc23d0ddbd
fa0d6e58c3c27a0c304c8dc68ace319962e8e325e1365ba2436f8e15e3014d51
fb9b9ed77b8a83d90710061bacf4117d03f47f8de42c8dced9b954723fa894c0