www.newsandpromotions.com
35.227.209.77
Public Scan
Effective URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Submission Tags: threatshare
Submission: On March 25 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by GTS CA 1D4 on March 13th 2024. Valid for: 3 months.
This is the only time www.newsandpromotions.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain
---|---|---
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU) | bidr.trellian.com | dinnza.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 77.209.227.35.bc.googleusercontent.com | www.newsandpromotions.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 38.12.111.34.bc.googleusercontent.com | track.ecampaignstats.com
ASN15169 (GOOGLE, US) | 161.72.190.35.bc.googleusercontent.com | c.fqtag.com
ASN16509 (AMAZON-02, US) | server-18-66-97-10.fra56.r.cloudfront.net | static.hotjar.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN14618 (AMAZON-AES, US) | ec2-44-213-220-50.compute-1.amazonaws.com | aorta.clickagy.com
ASN16509 (AMAZON-02, US) | ec2-52-211-99-1.eu-west-1.compute.amazonaws.com | sync.crwdcntrl.net
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 8.159.244.35.bc.googleusercontent.com | us-u.openx.net
ASN32934 (FACEBOOK, US) | | connect.facebook.net
ASN15169 (GOOGLE, US) | 172.36.190.35.bc.googleusercontent.com | cdn.fqtag.com
ASN14618 (AMAZON-AES, US) | ec2-34-231-129-236.compute-1.amazonaws.com | hemsync.clickagy.com
ASN20940 (AKAMAI-ASN1, NL) | a23-48-23-37.deploy.static.akamaitechnologies.com | fo-static.omnitagjs.com
ASN32934 (FACEBOOK, US) | xx-fbcdn-shv-01-fra3.fbcdn.net | connect.facebook.net
ASN16509 (AMAZON-02, US) | server-13-32-27-19.fra56.r.cloudfront.net | script.hotjar.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN15169 (GOOGLE, US) | fra16s51-in-f4.1e100.net | www.google.com
ASN32748 (STEADFAST, US) | ip22.67-202-105.static.steadfastdns.net | ssc-cms.33across.com
ASN16625 (AKAMAI-AS, US) | a104-64-126-246.deploy.static.akamaitechnologies.com | secure-assets.rubiconproject.com
ASN16625 (AKAMAI-AS, US) | a72-246-169-246.deploy.static.akamaitechnologies.com | eus.rubiconproject.com
ASN29990 (ASN-APPNEX, US) | 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net | secure.adnxs.com
ASN15169 (GOOGLE, US) | 91.149.214.35.bc.googleusercontent.com | x.bidswitch.net
ASN15169 (GOOGLE, US) | 90.132.214.35.bc.googleusercontent.com | u.ipw.metadsp.co.uk
ASN204995 (RTB-HOUSE-AMS, CY) | ip-185-184-8-90.rtbhouse.net | creativecdn.com
ASN16509 (AMAZON-02, US) | server-18-245-31-19.fra56.r.cloudfront.net | api-2-0.spot.im
ASN16509 (AMAZON-02, US) | a6370ebea231e0c9a.awsglobalaccelerator.com | match.adsrvr.org
ASN16509 (AMAZON-02, US) | ec2-52-215-86-157.eu-west-1.compute.amazonaws.com | match.prod.bidr.io
ASN23352 (SERVERCENTRAL, US) | ny.outbrain.com | b1sync.zemanta.com
ASN15169 (GOOGLE, US) | 184.206.214.35.bc.googleusercontent.com | csync.loopme.me
ASN14618 (AMAZON-AES, US) | ec2-54-210-145-203.compute-1.amazonaws.com | sync.srv.stackadapt.com
ASN15169 (GOOGLE, US) | 64.50.149.34.bc.googleusercontent.com | s.seedtag.com
ASN16625 (AKAMAI-AS, US) | a2-23-8-24.deploy.static.akamaitechnologies.com | contextual.media.net
ASN16509 (AMAZON-02, US) | ec2-34-214-129-77.us-west-2.compute.amazonaws.com | jadserve.postrelease.com
ASN14618 (AMAZON-AES, US) | ec2-34-233-219-30.compute-1.amazonaws.com | cs-server-s2s.yellowblue.io
ASN16509 (AMAZON-02, US) | ec2-54-76-208-25.eu-west-1.compute.amazonaws.com | ap.lijit.com
ASN18568 (BIDTELLECT, US) | NET-33-132-192.69.bidtellect.com | bttrack.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 22.157.117.34.bc.googleusercontent.com | matching.ivitrack.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | | aux.fqtag.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
32 | newsandpromotions.com (1 redirects) | www.newsandpromotions.com (Cisco Umbrella Rank: 231071) | 235 KB
11 | omnitagjs.com | fo-api.omnitagjs.com (Cisco Umbrella Rank: 50414); fo-static.omnitagjs.com (Cisco Umbrella Rank: 21812); fo-ssp.omnitagjs.com (Cisco Umbrella Rank: 58781); visitor.omnitagjs.com (Cisco Umbrella Rank: 1091) | 125 KB
6 | clarity.ms (1 redirects) | www.clarity.ms (Cisco Umbrella Rank: 1170); a.clarity.ms (Cisco Umbrella Rank: 8810); c.clarity.ms (Cisco Umbrella Rank: 1778) | 28 KB
5 | clickagy.com (2 redirects) | tags.clickagy.com (Cisco Umbrella Rank: 59262); aorta.clickagy.com (Cisco Umbrella Rank: 3843); hemsync.clickagy.com (Cisco Umbrella Rank: 52982) | 15 KB
4 | adnxs.com (4 redirects) | secure.adnxs.com (Cisco Umbrella Rank: 800) | 5 KB
4 | fqtag.com | c.fqtag.com (Cisco Umbrella Rank: 120030); cdn.fqtag.com (Cisco Umbrella Rank: 42859); aux.fqtag.com (Cisco Umbrella Rank: 45133) | 91 KB
3 | bidswitch.net (2 redirects) | x.bidswitch.net (Cisco Umbrella Rank: 615) | 2 KB
3 | google.com | www.google.com (Cisco Umbrella Rank: 5); region1.analytics.google.com (Cisco Umbrella Rank: 2156) | 369 B
3 | gstatic.com | fonts.gstatic.com | 79 KB
3 | taboola.com | cdn.taboola.com (Cisco Umbrella Rank: 1350); sync.taboola.com (Cisco Umbrella Rank: 1963) | 209 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 101) | 21 KB
2 | zemanta.com (2 redirects) | b1sync.zemanta.com (Cisco Umbrella Rank: 1114) | 922 B
2 | bidr.io (2 redirects) | match.prod.bidr.io (Cisco Umbrella Rank: 994) | 1 KB
2 | creativecdn.com (2 redirects) | creativecdn.com (Cisco Umbrella Rank: 772) | 1 KB
2 | rubiconproject.com (1 redirects) | secure-assets.rubiconproject.com (Cisco Umbrella Rank: 1435); eus.rubiconproject.com (Cisco Umbrella Rank: 866) | 151 B
2 | criteo.com | gum.criteo.com (Cisco Umbrella Rank: 635); dis.criteo.com (Cisco Umbrella Rank: 979) | 651 B
2 | google.co.uk | www.google.co.uk (Cisco Umbrella Rank: 3085) | 126 B
2 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 203) | 415 B
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 246) | 89 KB
2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 1305); script.hotjar.com (Cisco Umbrella Rank: 1679) | 59 KB
2 | ecampaignstats.com (2 redirects) | track.ecampaignstats.com (Cisco Umbrella Rank: 245864) | 307 B
2 | dinnza.com (1 redirects) | dinnza.com (Cisco Umbrella Rank: 555871) | 2 KB
1 | bing.com (1 redirects) | c.bing.com (Cisco Umbrella Rank: 442) | 761 B
1 | ivitrack.com | matching.ivitrack.com (Cisco Umbrella Rank: 10301) | 265 B
1 | bttrack.com | bttrack.com (Cisco Umbrella Rank: 1609) | 163 B
1 | lijit.com | ap.lijit.com (Cisco Umbrella Rank: 1074) | 175 B
1 | yellowblue.io | cs-server-s2s.yellowblue.io (Cisco Umbrella Rank: 2542) | 376 B
1 | postrelease.com | jadserve.postrelease.com (Cisco Umbrella Rank: 1631) | 422 B
1 | media.net | contextual.media.net (Cisco Umbrella Rank: 1153) | 318 B
1 | seedtag.com | s.seedtag.com (Cisco Umbrella Rank: 2401) | 284 B
1 | stackadapt.com (1 redirects) | sync.srv.stackadapt.com (Cisco Umbrella Rank: 1204) | 1 KB
1 | loopme.me (1 redirects) | csync.loopme.me (Cisco Umbrella Rank: 1480) | 285 B
1 | pubmatic.com | image8.pubmatic.com (Cisco Umbrella Rank: 1020) | 42 B
1 | adsrvr.org | match.adsrvr.org (Cisco Umbrella Rank: 530) | 149 B
1 | spot.im | api-2-0.spot.im (Cisco Umbrella Rank: 3099) | 456 B
1 | metadsp.co.uk (1 redirects) | u.ipw.metadsp.co.uk (Cisco Umbrella Rank: 9754) | 239 B
1 | 33across.com | ssc-cms.33across.com (Cisco Umbrella Rank: 1524) |
1 | onetag-sys.com | onetag-sys.com (Cisco Umbrella Rank: 1026) |
1 | luckyorange.net | settings.luckyorange.net (Cisco Umbrella Rank: 18838) | 749 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 108) | 85 KB
1 | openx.net | us-u.openx.net (Cisco Umbrella Rank: 889) | 295 B
1 | crwdcntrl.net (1 redirects) | sync.crwdcntrl.net (Cisco Umbrella Rank: 1467) | 216 B
1 | luckyorange.com | ssl.luckyorange.com (Cisco Umbrella Rank: 198600) | 3 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 112) | 1 KB
1 | leak-hub.com (1 redirects) | leak-hub.com | 1 KB
0 | rlcdn.com (Failed) | id.rlcdn.com (Failed) |
97 | 46 | |
Requests | Domain | Requested by
---|---|---
32 | www.newsandpromotions.com | 1 redirects; dinnza.com; www.newsandpromotions.com
8 | visitor.omnitagjs.com | www.newsandpromotions.com
4 | secure.adnxs.com | 4 redirects
3 | x.bidswitch.net | 2 redirects; www.newsandpromotions.com
3 | aorta.clickagy.com | 2 redirects; tags.clickagy.com
3 | fonts.gstatic.com | fonts.googleapis.com
3 | www.google-analytics.com | www.newsandpromotions.com; www.google-analytics.com
2 | c.clarity.ms | 1 redirects
2 | b1sync.zemanta.com | 2 redirects
2 | match.prod.bidr.io | 2 redirects
2 | creativecdn.com | 2 redirects
2 | region1.analytics.google.com | www.googletagmanager.com
2 | a.clarity.ms | www.clarity.ms
2 | www.google.co.uk | www.newsandpromotions.com
2 | stats.g.doubleclick.net | www.google-analytics.com; www.googletagmanager.com
2 | connect.facebook.net | www.newsandpromotions.com; connect.facebook.net
2 | www.clarity.ms | www.newsandpromotions.com; www.clarity.ms
2 | cdn.taboola.com | www.newsandpromotions.com; cdn.taboola.com
2 | c.fqtag.com | www.newsandpromotions.com; cdn.fqtag.com
2 | track.ecampaignstats.com | 2 redirects
2 | dinnza.com | 1 redirects
1 | c.bing.com | 1 redirects
1 | aux.fqtag.com | cdn.fqtag.com
1 | matching.ivitrack.com | www.newsandpromotions.com
1 | bttrack.com | www.newsandpromotions.com
1 | ap.lijit.com | www.newsandpromotions.com
1 | cs-server-s2s.yellowblue.io | www.newsandpromotions.com
1 | jadserve.postrelease.com | www.newsandpromotions.com
1 | contextual.media.net | www.newsandpromotions.com
1 | s.seedtag.com | www.newsandpromotions.com
1 | sync.srv.stackadapt.com | 1 redirects
1 | sync.taboola.com | www.newsandpromotions.com
1 | csync.loopme.me | 1 redirects
1 | image8.pubmatic.com | www.newsandpromotions.com
1 | match.adsrvr.org | www.newsandpromotions.com
1 | api-2-0.spot.im | www.newsandpromotions.com
1 | u.ipw.metadsp.co.uk | 1 redirects
1 | dis.criteo.com | www.newsandpromotions.com
1 | eus.rubiconproject.com | fo-ssp.omnitagjs.com
1 | secure-assets.rubiconproject.com | 1 redirects
1 | ssc-cms.33across.com | fo-ssp.omnitagjs.com
1 | onetag-sys.com | fo-ssp.omnitagjs.com
1 | settings.luckyorange.net | ssl.luckyorange.com
1 | fo-ssp.omnitagjs.com | fo-static.omnitagjs.com
1 | gum.criteo.com | cdn.taboola.com
1 | www.google.com | www.newsandpromotions.com
1 | www.googletagmanager.com | www.google-analytics.com
1 | script.hotjar.com | static.hotjar.com
1 | fo-static.omnitagjs.com | fo-api.omnitagjs.com
1 | hemsync.clickagy.com | tags.clickagy.com
1 | cdn.fqtag.com | c.fqtag.com
1 | us-u.openx.net | www.newsandpromotions.com
1 | sync.crwdcntrl.net | 1 redirects
1 | ssl.luckyorange.com | www.newsandpromotions.com
1 | static.hotjar.com | www.newsandpromotions.com
1 | tags.clickagy.com | www.newsandpromotions.com
1 | fo-api.omnitagjs.com | www.newsandpromotions.com
1 | fonts.googleapis.com | www.newsandpromotions.com
1 | leak-hub.com | 1 redirects
0 | id.rlcdn.com (Failed) | www.newsandpromotions.com
97 | 60 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
belgradeonline.com | R3 | 2024-01-25 - 2024-04-24 | 3 months
newsandpromotions.com | GTS CA 1D4 | 2024-03-13 - 2024-06-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
omnitagjs.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-23 - 2024-07-22 | a year
*.clickagy.com | Amazon ECDSA 256 M02 | 2023-09-22 - 2024-10-20 | a year
*.fqtag.com | R3 | 2024-01-27 - 2024-04-26 | 3 months
*.hotjar.com | Amazon ECDSA 256 M03 | 2024-02-07 - 2025-03-08 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-10 - 2024-05-09 | a year
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-23 - 2024-11-22 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
*.gstatic.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-02 - 2024-04-01 | 3 months
dyn.omnitagjs.com | R3 | 2024-02-04 - 2024-05-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.google.co.uk | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-08 - 2024-05-07 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 01 | 2024-01-14 - 2024-06-27 | 5 months
*.onetag-sys.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-23 - 2025-01-29 | a year
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-06 - 2024-09-30 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-03-07 - 2025-04-03 | a year
*.spot.im | Amazon RSA 2048 M02 | 2023-09-03 - 2024-09-30 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2023-04-20 - 2024-05-20 | a year
*.seedtag.com | Sectigo RSA Domain Validation Secure Server CA | 2024-03-22 - 2025-04-22 | a year
*.media.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-21 - 2024-12-21 | a year
*.postrelease.com | Amazon RSA 2048 M02 | 2023-08-30 - 2024-09-28 | a year
*.yellowblue.io | Amazon ECDSA 256 M03 | 2024-03-18 - 2025-04-16 | a year
*.lijit.com | Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year
*.bttrack.com | Sectigo RSA Domain Validation Secure Server CA | 2024-03-01 - 2025-04-01 | a year
itm.ivitrack.com | R3 | 2024-02-12 - 2024-05-12 | 3 months
This page contains 4 frames:
Primary Page:
https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Frame ID: 7ED783346EFB9C8E199A1E5272D35477
Requests: 94 HTTP requests in this frame
Frame:
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 9824F6B52B4E0143BDFC675F5BF64270
Requests: 1 HTTP requests in this frame
Frame:
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: D251156CE6E0B4D855F428CE41703BFE
Requests: 1 HTTP requests in this frame
Frame:
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 45159690799D00F9FDE1E70891EF97AF
Requests: 1 HTTP requests in this frame
Page Title
Special Offer
Page URL History
- http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 307
- https://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 302
- http://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0z... HTTP 307
- https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0z... Page URL
- http://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUN... HTTP 307
- https://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUN... HTTP 302
- https://www.newsandpromotions.com/tracking/11911 HTTP 307
- http://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 307
- https://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 302
- http://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 307
- https://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 302
- http://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 HTTP 307
- https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Page URL
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Hotjar
Detected patterns
- //static\.hotjar\.com/
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
OpenX
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 307
- https://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 302
- http://dinnza.com/f.php?e=fsO%2BiNpR%...%3D HTTP 307
- https://dinnza.com/f.php?e=fsO%2BiNpR%...%3D Page URL
- http://dinnza.com/f2.php?e=...&vs=1600:1113&ds=800:600&sl=80:80&os=f&nos=f HTTP 307
- https://dinnza.com/f2.php?e=...&vs=1600:1113&ds=800:600&sl=80:80&os=f&nos=f HTTP 302
- https://www.newsandpromotions.com/tracking/11911 HTTP 307
- http://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 307
- https://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 302
- http://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 307
- https://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 302
- http://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 HTTP 307
- https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 307
- https://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 302
- http://dinnza.com/f.php?e=fsO%2BiNpR%...%3D HTTP 307
- https://dinnza.com/f.php?e=fsO%2BiNpR%...%3D
- https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
- https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:73eb6a079b8c6348c6d57ef1b9e155cf/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
- https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm= HTTP 302
- https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
- https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
- https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
- https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%252B-%252BBanner%2526ttl%253D720%2526uid%253D75d56568a11564bfb79a01d2fa9fdb29%2526visitor%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
- https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
- https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%2526ttl%253D720%2526uid%253D48d5713d5c563cba2049f505b2d944b6%2526visitor%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
- https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
- https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
- https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
- https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=adyoulike&bsw_user_id=${BSW_USER_UD}&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
- https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=adyoulike&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4
- https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
- https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1 HTTP 302
- https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=uBi4rKQ_Xd3-h6PDDgh9Pf6huM4pqMrSZrFIdcEG45Q&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
- https://match.prod.bidr.io/cookie-sync/aul HTTP 303
- https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
- https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAKDKE7MAs8AABWS-tz17Q&name=BEESWAX
- https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
- https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
- https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
- https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
- https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
- https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=92af4c3f-ab5d-4d47-9583-754bec3de184%20&gdpr_consent=null&gdpr=0
- https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
- https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105&name=STACKADAPT&gdpr=0&gdpr_consent=
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&RedC=c.clarity.ms&MXFR=0FF4CC0D28BE623F28D7D8402CBE6C1F HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&MUID=154623699FBE697036D937249E75687D
97 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
f.php
dinnza.com/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.newsandpromotions.com/special-offer/ Redirect Chain
|
63 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
www.newsandpromotions.com/wp-content/themes/magazine-pro/ |
43 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.min.css
www.newsandpromotions.com/wp-includes/css/dist/block-library/ |
87 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles.css
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/ |
3 KB 994 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popup-styles.css
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sfsi-style.css
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/ |
100 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
disable_sfsi.css
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/ |
78 B 114 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dashicons.min.css
www.newsandpromotions.com/wp-includes/css/ |
58 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
www.newsandpromotions.com/wp-includes/js/jquery/ |
87 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-migrate.min.js
www.newsandpromotions.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wpp-popup-frontend.js
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/ |
35 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
advanced.min.js
www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
entry-date.js
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/ |
380 B 259 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
responsive-menu.js
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/ |
867 B 360 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot.js
fo-api.omnitagjs.com/fo-api/ |
1009 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
data.js
tags.clickagy.com/ |
36 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
regenerator-runtime.min.js
www.newsandpromotions.com/wp-includes/js/dist/vendor/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-polyfill.min.js
www.newsandpromotions.com/wp-includes/js/dist/vendor/ |
19 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.js
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/ |
21 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
core.min.js
www.newsandpromotions.com/wp-includes/js/jquery/ui/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modernizr.custom.min.js
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
custom.js
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/ |
36 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.flexslider.js
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/ |
27 KB 6 KB |
Script
application/x-javascript |
GET H3 |
wp-emoji-release.min.js
www.newsandpromotions.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/x-javascript |
GET H2 |
implement-r.js
c.fqtag.com/tag/ |
3 KB 3 KB |
Script
application/javascript |
GET H2 |
hotjar-31899.js
static.hotjar.com/c/ |
9 KB 4 KB |
Script
application/javascript |
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
GET H2 |
w.js
ssl.luckyorange.com/ |
5 KB 3 KB |
Script
application/javascript |
GET H2 |
loader.js
cdn.taboola.com/libtrc/newsandpromotions/ |
138 KB 42 KB |
Script
application/javascript |
GET H2 |
kk7o1ny45v
www.clarity.ms/tag/ |
650 B 1013 B |
Script
application/x-javascript |
GET H2 |
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ |
47 KB 47 KB |
Font
font/woff2 |
GET H3 |
newspromotions-1.png
www.newsandpromotions.com/wp-content/uploads/2016/12/ |
4 KB 4 KB |
Image
image/png |
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
POST H2 |
data
aorta.clickagy.com/ |
57 B 513 B |
XHR
application/json |
GET H2 |
cm
us-u.openx.net/w/1.0/ Redirect Chain |
43 B 295 B |
Image
image/gif |
GET H3 |
lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
www.newsandpromotions.com/wp-content/uploads/2021/05/ |
7 KB 7 KB |
Image
image/jpeg |
GET H3 |
image1-2-150x150.png
www.newsandpromotions.com/wp-content/uploads/2021/05/ |
15 KB 15 KB |
Image
image/png |
GET H3 |
5f457a9389aff80028ab7e63-150x150.jpeg
www.newsandpromotions.com/wp-content/uploads/2021/05/ |
7 KB 7 KB |
Image
image/jpeg |
GET H3 |
1620912671_blueprint-api-production.s3.amazonaws-150x150.com
www.newsandpromotions.com/wp-content/uploads/2021/05/ |
7 KB 7 KB |
Image
application/x-msdownload |
GET H3 |
blueprint-api-production.s3.amazonaws-150x150.com
www.newsandpromotions.com/wp-content/uploads/2021/05/ |
7 KB 7 KB |
Image
application/x-msdownload |
GET H3 |
RipeFigs_HalloumiSaganaki-scaled-150x150.jpg
www.newsandpromotions.com/wp-content/uploads/2021/05/ |
10 KB 10 KB |
Image
image/jpeg |
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 3 KB |
Script
application/x-javascript |
GET H2 |
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ |
88 KB 88 KB |
Script
application/javascript |
GET H2 |
hasHashes
hemsync.clickagy.com/external/ |
2 B 333 B |
XHR
text/plain |
GET H2 |
ot_multi.js
fo-static.omnitagjs.com/ |
490 KB 120 KB |
Script
application/javascript |
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
298 KB 85 KB |
Script
application/x-javascript |
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 167 B |
XHR
text/plain |
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
GET H2 |
modules.0ce9b654b0ac7fef3cf0.js
script.hotjar.com/ |
220 KB 55 KB |
Script
application/javascript |
POST H2 |
collect
stats.g.doubleclick.net/j/ |
7 B 359 B |
XHR
text/plain |
GET H2 |
js
www.googletagmanager.com/gtag/ |
237 KB 85 KB |
Script
application/javascript |
GET H2 |
clarity.js
www.clarity.ms/s/0.7.24/ |
60 KB 25 KB |
Script
application/javascript |
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
GET H3 |
ga-audiences
www.google.co.uk/ads/ |
42 B 63 B |
Image
image/gif |
POST H3 |
pixel
c.fqtag.com/ |
0 10 B |
XHR
text/plain |
GET H2 |
impl.20230903-6-RELEASE.js
cdn.taboola.com/libtrc/ |
803 KB 166 KB |
Script
application/javascript |
GET H2 |
sync
gum.criteo.com/ |
46 B 288 B |
Script
text/javascript |
POST H/1.1 |
collect
a.clarity.ms/ |
0 305 B |
XHR
text/plain |
GET H2 |
sync
fo-ssp.omnitagjs.com/fo-ssp/ |
7 KB 2 KB |
Script
application/javascript |
GET H2 |
/
settings.luckyorange.net/ |
127 B 749 B |
Fetch
application/json |
POST H2 |
collect
region1.analytics.google.com/g/ |
0 261 B |
Ping
text/plain |
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
GET H3 |
ga-audiences
www.google.co.uk/ads/ |
42 B 63 B |
Image
image/gif |
GET H2 |
/
onetag-sys.com/usync/ Frame 9824 |
0 0 |
Document
text/html |
GET H2 |
/
ssc-cms.33across.com/ps/ Frame D251 |
0 0 |
Document
text/plain |
GET H/1.1 |
usync.html
eus.rubiconproject.com/ Frame 4515 Redirect Chain |
0 0 |
Document
text/html |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 341 B |
Image
image/gif |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 180 B |
Image
image/gif |
GET H2 |
usersync.aspx
dis.criteo.com/dis/ |
43 B 363 B |
Image
image/gif |
GET H/1.1 |
sync
x.bidswitch.net/ Redirect Chain |
43 B 235 B |
Image
image/gif |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 180 B |
Image
image/gif |
GET H2 |
ayl_pixel
api-2-0.spot.im/pixels/ |
0 456 B |
Image
text/plain |
GET H2 |
generic
match.adsrvr.org/track/cmf/ |
70 B 149 B |
Image
image/gif |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 177 B |
Image
image/gif |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 93 B |
Image
image/gif |
GET H2 |
ImgSync
image8.pubmatic.com/AdServer/ |
0 42 B |
Image
text/plain |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 93 B |
Image
image/gif |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 177 B |
Image
image/gif |
GET H2 |
/
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/ |
0 99 B |
Image
text/plain |
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Redirect Chain |
49 B 177 B |
Image
image/gif |
GET H2 |
adyoulike
s.seedtag.com/cs/cookiesync/ |
0 284 B |
Image
text/plain |
GET H2 |
cksync.php
contextual.media.net/ |
56 B 318 B |
Image
image/gif |
GET H2 |
101967
jadserve.postrelease.com/suid/ |
43 B 422 B |
Image
image/gif |
GET H2 |
sync-iframe
cs-server-s2s.yellowblue.io/ |
0 376 B |
Image
text/html |
GET H2 |
pixel
ap.lijit.com/ |
0 175 B |
Image
text/plain |
GET |
711333.gif
id.rlcdn.com/ |
0 0 |
GET H2 |
cookiesync
bttrack.com/pixel/ |
35 B 163 B |
Image
image/gif |
GET H2 |
sync
matching.ivitrack.com/ |
42 B 265 B |
Image
image/gif |
POST H2 |
p
aux.fqtag.com/aux/ |
0 94 B |
XHR
text/plain |
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain |
42 B 440 B |
Image
image/gif |
GET H/1.1 |
favicon.ico
www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/ |
1 KB 719 B |
Other
image/x-icon |
POST H/1.1 |
collect
a.clarity.ms/ |
0 305 B |
XHR
text/plain |
POST H2 |
collect
region1.analytics.google.com/g/ |
0 45 B |
Ping
text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: id.rlcdn.com
- URL: https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
246 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
37 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.leak-hub.com/ | Name: sid Value: 51bee4e2-ea9f-11ee-a64a-20352c3a8e8e |
.newsandpromotions.com/ | Name: _xTID Value: 11911 |
.omnitagjs.com/ | Name: ayl_visitor Value: e2eebf0acceea88d42f66ebdb6f89e66 |
.newsandpromotions.com/ | Name: _ga Value: GA1.2.779323957.1711368052 |
.newsandpromotions.com/ | Name: _gid Value: GA1.2.538255413.1711368052 |
.newsandpromotions.com/ | Name: _gat Value: 1 |
www.clarity.ms/ | Name: CLID Value: dbd2d3c4b24242deb55d46c831028c92.20240325.20250325 |
.newsandpromotions.com/ | Name: _clck Value: lif49i%7C2%7Cfkd%7C0%7C1545 |
.newsandpromotions.com/ | Name: _hjSessionUser_31899 Value: eyJpZCI6IjYyMGVlMGNlLTI2YjUtNTIzZS1iMmQ4LWIyOWQyNGQ4MTEzOSIsImNyZWF0ZWQiOjE3MTEzNjgwNTI2MzIsImV4aXN0aW5nIjp0cnVlfQ== |
.newsandpromotions.com/ | Name: _hjSession_31899 Value: eyJpZCI6IjRlZDFiZDc2LThhYzEtNGFjNi05MWI0LTZmMmI4NDAzZWRjMSIsImMiOjE3MTEzNjgwNTI2MzMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0= |
.newsandpromotions.com/ | Name: _ga_YEP2FYVEFL Value: GS1.2.1711368052.1.1.1711368052.60.0.0 |
.creativecdn.com/ | Name: g Value: 9wi5VBFuDeconHhn5UcS_1711368052915 |
.creativecdn.com/ | Name: ts Value: 1711368052 |
.bidswitch.net/ | Name: tuuid Value: 9e8cb4ce-7ff0-4158-89ba-669608118ca4 |
.bidswitch.net/ | Name: c Value: 1711368052 |
.bidswitch.net/ | Name: tuuid_lu Value: 1711368052 |
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
.adnxs.com/ | Name: XANDR_PANID Value: a8MZZ2FJqQDQ4M_-By-G44hHxRjlQgsqbLj0uxWLztfbvuC9GiYw52Y4pmA-B0LnAHt074aU_gyXAcKIXSDPmHX4eJuSJSyZ0pXoRWrjTOo. |
.adnxs.com/ | Name: uuid2 Value: 4519483493053224219 |
.bidr.io/ | Name: bito Value: AAKDKE7MAs8AABWS-tz17Q |
.bidr.io/ | Name: bitoIsSecure Value: ok |
.csync.loopme.me/ | Name: viewer_token Value: 92af4c3f-ab5d-4d47-9583-754bec3de184 |
.newsandpromotions.com/ | Name: _clsk Value: 1cogmc8%7C1711368053169%7C1%7C1%7Ca.clarity.ms%2Fcollect |
sync.srv.stackadapt.com/ | Name: sa-user-id Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo |
.srv.stackadapt.com/ | Name: sa-user-id Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo |
sync.srv.stackadapt.com/ | Name: sa-user-id-v2 Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g |
.srv.stackadapt.com/ | Name: sa-user-id-v2 Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g |
sync.srv.stackadapt.com/ | Name: sa-user-id-v3 Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCD1zoWwBjABOgT7-sM6QgSfcj7E.glGBDDbjdgZ%2B2lNev0SPkpx9o%2BYLRoC1KTCVYv4QTGg |
.srv.stackadapt.com/ | Name: sa-user-id-v3 Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCD1zoWwBjABOgT7-sM6QgSfcj7E.glGBDDbjdgZ%2B2lNev0SPkpx9o%2BYLRoC1KTCVYv4QTGg |
.postrelease.com/ | Name: opt_out Value: 1 |
.bing.com/ | Name: MUID Value: 154623699FBE697036D937249E75687D |
.c.bing.com/ | Name: MR Value: 0 |
.c.bing.com/ | Name: SRM_B Value: 154623699FBE697036D937249E75687D |
.c.clarity.ms/ | Name: SM Value: C |
.clarity.ms/ | Name: MUID Value: 154623699FBE697036D937249E75687D |
.c.clarity.ms/ | Name: MR Value: 0 |
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
65 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.