urlscan.io logo urlscan.io
SecurityTrails logo

www.5esrd.com Open in urlscan Pro
69.164.217.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.5esrd.com/
Effective URL: https://www.5esrd.com/
Submission: On January 22 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 8 countries across 102 domains to perform 471 HTTP transactions. The main IP is 69.164.217.55, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.5esrd.com.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.
This is the only time www.5esrd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 39 69.164.217.55 63949 (AKAMAI-LI...)
13 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
3 52.85.107.191 16509 (AMAZON-02)
8 34.107.189.147 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 34.233.163.95 14618 (AMAZON-AES)
8 34.237.83.209 14618 (AMAZON-AES)
6 2606:ae80:147... 25751 (VALUECLICK)
2 8 63.251.86.51 10913 (INTERNAP-BLK)
7 34.120.63.153 396982 (GOOGLE-CL...)
4 20 104.18.36.155 13335 (CLOUDFLAR...)
7 104.36.115.111 62713 (AS-PUBMATIC)
10 23 68.67.160.132 29990 (ASN-APPNEX)
1 10 35.186.253.211 15169 (GOOGLE)
6 143.244.160.239 14061 (DIGITALOC...)
8 2620:100:a001... 19750 (AS-CRITEO)
2 2400:52e0:1a0... 200325 (BUNNYCDN)
1 185.146.173.20 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2620:100:a001::4 19750 (AS-CRITEO)
1 173.237.69.132 7979 (SERVERS-COM)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
21 142.251.163.149 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.144.237.127 396982 (GOOGLE-CL...)
1 18.160.10.80 16509 (AMAZON-02)
7 3.161.212.32 16509 (AMAZON-02)
1 34.120.57.242 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
7 2400:52e0:1a0... 200325 (BUNNYCDN)
2 23 52.46.130.91 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
9 10 15.197.193.217 16509 (AMAZON-02)
1 1 35.214.132.246 15169 (GOOGLE)
1 5 23.200.44.18 16625 (AKAMAI-AS)
4 5 54.157.82.146 14618 (AMAZON-AES)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
1 1 35.208.249.213 19527 (GOOGLE-2)
3 3 64.202.112.191 22075 (AS-OUTBRAIN)
3 12 35.244.159.8 396982 (GOOGLE-CL...)
4 4 2606:ae80:145... 25751 (VALUECLICK)
3 7 34.235.32.60 14618 (AMAZON-AES)
4 23.220.124.197 16625 (AKAMAI-AS)
1 4 198.148.27.131 19189 (PULSEPOINT)
6 63.251.86.49 32475 (SINGLEHOP...)
3 11 35.71.139.29 16509 (AMAZON-02)
1 192.0.77.48 2635 (AUTOMATTIC)
20 27 142.251.111.154 15169 (GOOGLE)
2 2 34.233.28.229 14618 (AMAZON-AES)
1 1 3.18.15.211 16509 (AMAZON-02)
1 35.226.42.89 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 192.132.33.67 18568 (BIDTELLECT)
3 3 173.231.178.77 32475 (SINGLEHOP...)
2 34.237.132.177 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
11 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 8.28.7.81 62713 (AS-PUBMATIC)
3 3 82.145.213.8 39832 (NO-OPERA)
1 2 8.2.110.134 46636 (NATCOWEB)
13 15 69.194.240.13 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
2 2 185.167.164.43 198622 (ADFORM)
1 3 52.95.118.179 16509 (AMAZON-02)
3 7 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
12 104.36.113.107 62713 (AS-PUBMATIC)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
1 74.119.119.147 19750 (AS-CRITEO)
1 34.98.67.3 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2620:100:a001::9 19750 (AS-CRITEO)
2 2620:100:a001... 19750 (AS-CRITEO)
1 151.101.1.108 54113 (FASTLY)
12 23.202.152.28 16625 (AKAMAI-AS)
9 134.209.126.4 14061 (DIGITALOC...)
8 9 172.240.155.100 7979 (SERVERS-COM)
1 104.18.38.76 13335 (CLOUDFLAR...)
2 2620:1ec:21::14 8068 (MICROSOFT...)
11 12 35.211.178.172 15169 (GOOGLE)
2 2 35.211.233.246 19527 (GOOGLE-2)
2 3 74.119.119.150 19750 (AS-CRITEO)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 1 54.146.129.87 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 2620:116:800b... 14618 (AMAZON-AES)
2 2 23.205.2.235 16625 (AKAMAI-AS)
4 23.202.153.103 16625 (AKAMAI-AS)
3 192.241.152.120 14061 (DIGITALOC...)
2 3 35.244.154.8 15169 (GOOGLE)
1 1 44.195.244.24 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2620:100:a001::c 19750 (AS-CRITEO)
2 2 199.38.167.130 54312 (ROCKETFUEL)
3 3 52.3.195.166 14618 (AMAZON-AES)
1 1 131.153.147.138 19437 (SS-ASH)
2 2 35.207.24.140 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 23.12.146.150 20940 (AKAMAI-ASN1)
1 23.218.216.30 20940 (AKAMAI-ASN1)
2 8.28.7.84 62713 (AS-PUBMATIC)
1 23.62.172.23 16625 (AKAMAI-AS)
1 1 44.210.167.205 14618 (AMAZON-AES)
1 2600:1f18:26d... 14618 (AMAZON-AES)
3 23.222.5.76 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
10 16 8.43.72.98 26667 (RUBICONPR...)
1 1 69.173.151.100 26667 (RUBICONPR...)
2 2 54.145.121.220 ()
1 2 151.101.130.49 ()
1 8.18.47.7 ()
1 2 34.234.28.80 ()
1 54.90.34.250 ()
1 52.22.192.2 ()
1 1 34.200.65.202 ()
471 98
39    69.164.217.55 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: srdserver.opengamingnetwork.com
www.5esrd.com
account.opengamingnetwork.com
13    2607:f8b0:4004:c19::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
1    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
7    2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.85.107.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-107-191.yul62.r.cloudfront.net
c.amazon-adsystem.com
8    34.107.189.147 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 147.189.107.34.bc.googleusercontent.com
t.nit.ro
1    2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    34.233.163.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-163-95.compute-1.amazonaws.com
tlx.3lift.com
8    34.237.83.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-83-209.compute-1.amazonaws.com
btlr.sharethrough.com
6    2606:ae80:1471:12::500 (United States)

ASN25751 (VALUECLICK, US)
web.hb.ad.cpe.dotomi.com
8    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
7    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
20    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
7    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
23    68.67.160.132 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
10    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    143.244.160.239 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebid.cootlogix.com
8    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
2    2400:52e0:1a00::718:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
v.nitropay.com
1    185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)
sdks.shopifycdn.com
8    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c1d::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    173.237.69.132 (United States)

ASN7979 (SERVERS-COM, US)
colossusssp.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
21    142.251.163.149 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net
ad.doubleclick.net
s0.2mdn.net
1    2606:4700:3035::ac43:c19c (United States)

ASN13335 (CLOUDFLARENET, US)
consent.nitrocnct.com
1    34.144.237.127 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 127.237.144.34.bc.googleusercontent.com
a.nitropay.com
1    18.160.10.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-80.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
7    3.161.212.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-212-32.yul62.r.cloudfront.net
aax.amazon-adsystem.com
1    34.120.57.242 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.57.120.34.bc.googleusercontent.com
monorail-edge.shopifysvc.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
7    2400:52e0:1a00::1067:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
nitropay-102.b-cdn.net
23    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
10    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    35.214.132.246 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 246.132.214.35.bc.googleusercontent.com
csync.loopme.me
5    23.200.44.18 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-44-18.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
5    54.157.82.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-82-146.compute-1.amazonaws.com
match.prod.bidr.io
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
12    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
eu-u.openx.net
us-u.openx.net
ggsoftware-d.openx.net
4    2606:ae80:1451:19::1370 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
7    34.235.32.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-32-60.compute-1.amazonaws.com
match.sharethrough.com
4    23.220.124.197 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-124-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
11    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
27    142.251.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
cm.g.doubleclick.net
2    34.233.28.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-28-229.compute-1.amazonaws.com
i.liadm.com
1    3.18.15.211 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-15-211.us-east-2.compute.amazonaws.com
he.lijit.com
1    35.226.42.89 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.42.226.35.bc.googleusercontent.com
p.alcmpn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.67.bidtellect.com
bttrack.com
3    173.231.178.77 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    34.237.132.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-132-177.compute-1.amazonaws.com
rtb.adentifi.com
1    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
11    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pubads.g.doubleclick.net
1    2607:f8b0:4004:c06::95 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
15    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
12    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
4    2600:1f18:4e9:5a02:3c33:5926:76d2:8c3e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)
imageproxy.us.criteo.net
2    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
12    23.202.152.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-152-28.deploy.static.akamaitechnologies.com
contextual.media.net
9    134.209.126.4 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
9    172.240.155.100 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
12    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    54.146.129.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-129-87.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.202.153.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-153-103.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    192.241.152.120 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
openrtb.cootlogix.com
3    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
1    44.195.244.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-244-24.compute-1.amazonaws.com
ads.yieldmo.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
1    2606:4700:10::ac43:2954 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    52.3.195.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-195-166.compute-1.amazonaws.com
pm.w55c.net
1    131.153.147.138 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
4    2607:f8b0:4002:c0f::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    23.12.146.150 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-12-146-150.deploy.static.akamaitechnologies.com
p16-ttam-va.ibyteimg.com
1    23.218.216.30 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-216-30.deploy.static.akamaitechnologies.com
v16-ad.byteoversea.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    23.62.172.23 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-172-23.deploy.static.akamaitechnologies.com
c21lg-d.media.net
1    44.210.167.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-167-205.compute-1.amazonaws.com
adrta.com
1    2600:1f18:26d4:7e06:d45b:472a:259a:8fe2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ipds.adrta.com
3    23.222.5.76 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-5-76.deploy.static.akamaitechnologies.com
api16-event-va.pangle.io
1    2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
16    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    54.145.121.220 (None, )

ASN- ()
sync.ipredictive.com
2    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    8.18.47.7 (None, )

ASN- ()
match.deepintent.com
2    34.234.28.80 (None, )

ASN- ()
thrtle.com
1    54.90.34.250 (None, )

ASN- ()
crb.kargo.com
1    52.22.192.2 (None, )

ASN- ()
sync.bfmio.com
1    34.200.65.202 (None, )

ASN- ()
ups.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
pubads.g.doubleclick.net — Cisco Umbrella Rank: 415
284 KB
37 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
99 KB
36 5esrd.com
www.5esrd.com
536 KB
28 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
image2.pubmatic.com — Cisco Umbrella Rank: 912
simage2.pubmatic.com — Cisco Umbrella Rank: 870
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
image4.pubmatic.com
47 KB
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
219 KB
25 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
cs.media.net — Cisco Umbrella Rank: 1236
contextual.media.net — Cisco Umbrella Rank: 709
hbx.media.net — Cisco Umbrella Rank: 1257
c21lg-d.media.net — Cisco Umbrella Rank: 2197
49 KB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
38 KB
23 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
37 KB
22 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
u.openx.net — Cisco Umbrella Rank: 683
eu-u.openx.net — Cisco Umbrella Rank: 2043
us-u.openx.net — Cisco Umbrella Rank: 524
ggsoftware-d.openx.net — Cisco Umbrella Rank: 38461
4 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
12 KB
18 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 5265
sync.cootlogix.com — Cisco Umbrella Rank: 3230
openrtb.cootlogix.com — Cisco Umbrella Rank: 5394
14 KB
18 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
11 KB
17 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
473 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.us.criteo.net — Cisco Umbrella Rank: 3202
csm.us.criteo.net — Cisco Umbrella Rank: 3277
134 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
ads.us.criteo.com — Cisco Umbrella Rank: 3179
cat.va.us.criteo.com — Cisco Umbrella Rank: 3347
dis.criteo.com — Cisco Umbrella Rank: 608
rtb.va.us.criteo.com — Cisco Umbrella Rank: 6801
gum.criteo.com — Cisco Umbrella Rank: 423
50 KB
15 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
he.lijit.com — Cisco Umbrella Rank: 2846
12 KB
15 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 978
match.sharethrough.com — Cisco Umbrella Rank: 508
3 KB
12 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
6 KB
11 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
5 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
5 KB
10 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1337
sync.colossusssp.com — Cisco Umbrella Rank: 1430
7 KB
10 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4211
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5046
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 7333
medianet-match.dotomi.com — Cisco Umbrella Rank: 11527
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
5 KB
8 nit.ro
t.nit.ro — Cisco Umbrella Rank: 22886
12 B
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
7 b-cdn.net
nitropay-102.b-cdn.net
567 KB
7 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 25793
v.nitropay.com — Cisco Umbrella Rank: 98458
a.nitropay.com — Cisco Umbrella Rank: 33084
453 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com
3 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
2 KB
5 gstatic.com
fonts.gstatic.com
csi.gstatic.com
31 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
4 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
28 KB
3 pangle.io
api16-event-va.pangle.io — Cisco Umbrella Rank: 28028
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
1 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
196 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
2 KB
3 opengamingnetwork.com
account.opengamingnetwork.com — Cisco Umbrella Rank: 521548
11 KB
2 thrtle.com
thrtle.com
683 B
2 everesttech.net
sync-tm.everesttech.net
766 B
2 ipredictive.com
sync.ipredictive.com
1 KB
2 adrta.com
adrta.com — Cisco Umbrella Rank: 2291
ipds.adrta.com — Cisco Umbrella Rank: 4179
923 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
832 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
994 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
899 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5392
747 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2298
971 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
774 B
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 485
372 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
868 B
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3182
988 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
69 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
359 B
1 deepintent.com
match.deepintent.com
338 B
1 byteoversea.com
v16-ad.byteoversea.com — Cisco Umbrella Rank: 14982
2 MB
1 ibyteimg.com
p16-ttam-va.ibyteimg.com — Cisco Umbrella Rank: 6342
11 KB
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3405
610 B
1 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 4754
1 ad.gt
ids.ad.gt — Cisco Umbrella Rank: 1592
173 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 651
541 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
1 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4748
374 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 866
352 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
423 B
1 alcmpn.com
p.alcmpn.com — Cisco Umbrella Rank: 2926
286 B
1 w.org
s.w.org — Cisco Umbrella Rank: 3198
626 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
361 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
225 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
4 KB
1 shopifysvc.com
monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 3211
459 B
1 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 38841
36 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
253 B
1 shopifycdn.com
sdks.shopifycdn.com — Cisco Umbrella Rank: 38683
60 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 mxptint.net Failed
pmp.mxptint.net Failed
0 crwdcntrl.net Failed
bcp.crwdcntrl.net Failed
0 pippio.com Failed
pippio.com Failed
0 adswizz.com Failed
synchroscript.deliveryengine.adswizz.com Failed
0 owneriq.net Failed
px.owneriq.net Failed
0 iprom.net Failed
core.iprom.net Failed
0 truffle.bid Failed
matching.truffle.bid Failed
0 ctnsnet.com Failed
ipac.ctnsnet.com Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 intentiq.com Failed
sync.intentiq.com Failed
0 yahoo.net Failed
hb.yahoo.net Failed
0 sonobi.com Failed
apex.go.sonobi.com Failed
sync.go.sonobi.com Failed
471 102
Domain Requested by
36 www.5esrd.com 2 redirects www.5esrd.com
27 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
ce.lijit.com
u.openx.net
eb2.3lift.com
contextual.media.net
23 s.amazon-adsystem.com 2 redirects s.nitropay.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ce.lijit.com
match.sharethrough.com
bh.contextweb.com
u.openx.net
ads.pubmatic.com
contextual.media.net
21 ib.adnxs.com 8 redirects s.nitropay.com
googleads.g.doubleclick.net
eb2.3lift.com
acdn.adnxs.com
contextual.media.net
17 s0.2mdn.net 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
www.5esrd.com
s0.2mdn.net
s.nitropay.com
13 pagead2.googlesyndication.com www.5esrd.com
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
www.googletagservices.com
12 x.bidswitch.net 11 redirects sync.colossusssp.com
12 contextual.media.net s.nitropay.com
contextual.media.net
ads.pubmatic.com
11 sync.1rx.io 9 redirects sync.colossusssp.com
11 tpc.googlesyndication.com 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
www.5esrd.com
tpc.googlesyndication.com
11 eb2.3lift.com 3 redirects s.amazon-adsystem.com
s.nitropay.com
eb2.3lift.com
10 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
10 match.adsrvr.org 9 redirects s.nitropay.com
10 rtb.openx.net 1 redirects s.nitropay.com
ggsoftware-d.openx.net
9 pixel.rubiconproject.com 5 redirects contextual.media.net
9 sync.colossusssp.com 8 redirects s.nitropay.com
9 sync.cootlogix.com s.nitropay.com
sync.colossusssp.com
sync.cootlogix.com
www.5esrd.com
9 static.criteo.net s.nitropay.com
static.criteo.net
ads.us.criteo.com
8 googleads.g.doubleclick.net s.nitropay.com
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
www.5esrd.com
8 bidder.criteo.com s.nitropay.com
static.criteo.net
8 ap.lijit.com 2 redirects s.nitropay.com
8 btlr.sharethrough.com s.nitropay.com
8 t.nit.ro s.nitropay.com
7 token.rubiconproject.com 5 redirects eus.rubiconproject.com
7 simage2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
www.5esrd.com
contextual.media.net
7 pixel.tapad.com 3 redirects s.amazon-adsystem.com
sync.colossusssp.com
contextual.media.net
7 us-u.openx.net 1 redirects u.openx.net
ggsoftware-d.openx.net
www.5esrd.com
7 match.sharethrough.com 3 redirects s.amazon-adsystem.com
match.sharethrough.com
7 nitropay-102.b-cdn.net v.nitropay.com
www.5esrd.com
7 aax.amazon-adsystem.com c.amazon-adsystem.com
7 hbopenbid.pubmatic.com s.nitropay.com
7 prebid.media.net s.nitropay.com
7 tlx.3lift.com s.nitropay.com
7 securepubads.g.doubleclick.net s.nitropay.com
securepubads.g.doubleclick.net
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
6 ce.lijit.com s.amazon-adsystem.com
ce.lijit.com
match.sharethrough.com
contextual.media.net
6 prebid.cootlogix.com s.nitropay.com
6 htlb.casalemedia.com s.nitropay.com
6 web.hb.ad.cpe.dotomi.com s.nitropay.com
5 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
www.5esrd.com
5 match.prod.bidr.io 4 redirects contextual.media.net
ads.pubmatic.com
5 ad.doubleclick.net www.5esrd.com
4 csi.gstatic.com imasdk.googleapis.com
4 eus.rubiconproject.com sync.cootlogix.com
contextual.media.net
eus.rubiconproject.com
4 imageproxy.us.criteo.net ads.us.criteo.com
4 pr-bh.ybp.yahoo.com 2 redirects s.amazon-adsystem.com
ggsoftware-d.openx.net
4 sync.targeting.unrulymedia.com 4 redirects
4 bh.contextweb.com 1 redirects s.amazon-adsystem.com
bh.contextweb.com
4 ads.pubmatic.com s.amazon-adsystem.com
s.nitropay.com
contextual.media.net
4 cs.media.net 1 redirects contextual.media.net
4 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com s.nitropay.com
4 s.nitropay.com www.5esrd.com
s.nitropay.com
3 api16-event-va.pangle.io www.5esrd.com
3 pm.w55c.net 3 redirects
3 id.rlcdn.com 2 redirects sync.colossusssp.com
3 openrtb.cootlogix.com sync.colossusssp.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
www.5esrd.com
3 dis.criteo.com 2 redirects eb2.3lift.com
3 aax-eu.amazon-adsystem.com 1 redirects u.openx.net
contextual.media.net
3 t.adx.opera.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 www.googletagservices.com 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
3 cm.adgrx.com 3 redirects
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 b1sync.zemanta.com 3 redirects
3 api.btloader.com btloader.com
3 c.amazon-adsystem.com s.nitropay.com
c.amazon-adsystem.com
3 account.opengamingnetwork.com www.5esrd.com
2 thrtle.com 1 redirects www.5esrd.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 p.rfihub.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 cms.quantserve.com 2 redirects
2 creativecdn.com 2 redirects
2 pool.admedo.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
contextual.media.net
2 csm.us.criteo.net ads.us.criteo.com
2 imasdk.googleapis.com s.nitropay.com
2 c1.adform.net 2 redirects
2 secure.adnxs.com 2 redirects
2 ad.turn.com 2 redirects
2 cs.krushmedia.com 1 redirects ce.lijit.com
2 rtb.adentifi.com ssum-sec.casalemedia.com
contextual.media.net
2 i.liadm.com 2 redirects
2 um.simpli.fi 2 redirects
2 ad-delivery.net www.5esrd.com
2 v.nitropay.com s.nitropay.com
1 pubmatic-match.dotomi.com 1 redirects
1 image4.pubmatic.com www.5esrd.com
1 ups.analytics.yahoo.com 1 redirects
1 sync.bfmio.com www.5esrd.com
1 crb.kargo.com www.5esrd.com
1 match.deepintent.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 ipds.adrta.com www.5esrd.com
1 adrta.com 1 redirects
1 c21lg-d.media.net contextual.media.net
1 simage4.pubmatic.com ads.pubmatic.com
1 v16-ad.byteoversea.com www.5esrd.com
1 p16-ttam-va.ibyteimg.com www.5esrd.com
1 server.cpmstar.com 1 redirects
1 medianet-match.dotomi.com 1 redirects
1 gum.criteo.com contextual.media.net
1 hbx.media.net contextual.media.net
1 ex.ingage.tech sync.colossusssp.com
1 ids.ad.gt sync.colossusssp.com
1 ads.yieldmo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 rtb.va.us.criteo.com 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
1 js-sec.indexww.com s.nitropay.com
1 ggsoftware-d.openx.net s.nitropay.com
1 acdn.adnxs.com s.nitropay.com
1 tags.rd.linksynergy.com ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 eu-u.openx.net u.openx.net
1 pulsepoint-match.dotomi.com 1 redirects
1 ads.us.criteo.com 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 s.company-target.com 1 redirects
1 p.alcmpn.com ssum-sec.casalemedia.com
1 he.lijit.com 1 redirects
1 s.w.org www.5esrd.com
1 amazon-tam-match.dotomi.com 1 redirects
1 trace.mediago.io 1 redirects
1 csync.loopme.me 1 redirects ads.pubmatic.com
1 cdn-ima.33across.com s.nitropay.com
1 monorail-edge.shopifysvc.com sdks.shopifycdn.com
1 config.aps.amazon-adsystem.com s.nitropay.com
1 a.nitropay.com s.nitropay.com
1 consent.nitrocnct.com s.nitropay.com
1 colossusssp.com s.nitropay.com
1 www.google-analytics.com www.googletagmanager.com
1 sdks.shopifycdn.com s.nitropay.com
1 fonts.gstatic.com www.5esrd.com
1 btloader.com s.nitropay.com
1 www.googletagmanager.com www.5esrd.com
0 match.adsby.bidtheatre.com Failed contextual.media.net
0 pmp.mxptint.net Failed contextual.media.net
0 bcp.crwdcntrl.net Failed contextual.media.net
0 pippio.com Failed contextual.media.net
0 synchroscript.deliveryengine.adswizz.com Failed contextual.media.net
0 px.owneriq.net Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 matching.truffle.bid Failed ads.pubmatic.com
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 ums.acuityplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 beacon.lynx.cognitivlabs.com Failed ads.pubmatic.com
0 sync.intentiq.com Failed contextual.media.net
0 hb.yahoo.net Failed contextual.media.net
0 sync.go.sonobi.com Failed s.amazon-adsystem.com
contextual.media.net
www.5esrd.com
0 apex.go.sonobi.com Failed s.nitropay.com
471 160
Subject Issuer Validity Valid
www.opengamingnetwork.com
R3		 2023-12-29 -
2024-03-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
t.nit.ro
GTS CA 1D4		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-08-02 -
2024-08-13		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-19 -
2024-11-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
v.nitropay.com
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
sdks.shopifycdn.com
E1		 2023-12-01 -
2024-02-29		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
nitrocnct.com
E1		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.nitropay.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
monorail-edge-gateway-east.shopifycloud.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2023-12-18 -
2025-01-17		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-12 -
2024-04-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-25 -
2024-02-22		 3 months crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA		 2023-02-13 -
2024-02-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-22		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2023-07-28 -
2024-08-11		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
*.ibyteimg.com
RapidSSL TLS ECC CA G1		 2023-03-14 -
2024-04-13		 a year crt.sh
*.byteoversea.com
RapidSSL ECC CA 2018		 2023-12-18 -
2025-01-17		 a year crt.sh
*.pangle.io
RapidSSL TLS ECC CA G1		 2023-07-03 -
2024-08-02		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-11-28 -
2024-12-25		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh

This page contains 66 frames:

Primary Page: https://www.5esrd.com/
Frame ID: 01BE092ACF146BC4674DC5F0DCFDFEFE
Requests: 188 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: A300E687195DFB065573086CFB0CECB3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: 28FDD443F1D58071DBCBDC5CAB1000F2
Requests: 1 HTTP requests in this frame

Frame: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF1984B9DA8DA15CCFB951FF61DA375A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: A917264F2EE1D7B65A187FE41233F56D
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: C0598B949F4CE7C7A352CF787BAA571B
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Frame ID: A78195175C9AA14993D3202CE939B5E9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 4BC8C6F30892D6203FB4E804B7CA8154
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435
Frame ID: B8EDD85A35489C566C6E520E53C40AD0
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: BE68A1CC91B85C146B0EBB2463BB0E5F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 13CCD8EBE304FAEBE608C216750EC2BD
Requests: 12 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 64AF7E47EC950F458707C4154DE8F7A4
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5264239699130614520&ex=appnexus.com
Frame ID: F6C357EE102679D4F6A5D400F6366973
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 156C9569572397C08C185E1B6DFE7324
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1331579128763342695977
Frame ID: 7561DC2E034A4935A2A400D53BC44C95
Requests: 1 HTTP requests in this frame

Frame: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B55FBE6E33D01751BB15462F81424E13
Requests: 9 HTTP requests in this frame

Frame: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD6C53DECF07DD7C2AF015175A15B36A
Requests: 12 HTTP requests in this frame

Frame: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BD5D0968614146733573EE0F2688409F
Requests: 12 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Frame ID: 8AA7E1EDDF70ED69D2832A747A828C30
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjs7duDAjAB&v=APEucNXnK4V8xEG0qVZrDxB0su2m99UQSUOs9PLV0Ed2m2JnJdg0cMDctvHEHFyiM-v95fEjaRtyS1cSvurGPaYS6kOQ2Z1Vuw
Frame ID: 881B82088917C00D741365D0C16500EE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjYzYP7ATAB&v=APEucNUHNwP5l3T0uL3EnjyeyZ39dKzj5Eq3FXYuyNo6-jmKZZljKI6UK2NDU-TldnTZ2eu2Qd2LaaDpGf8cmO2uvEPc7dHcWQ
Frame ID: 944BC005F8B714C279DC6A30BD4698EF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 29646E03062B7D9836DB260A0F916127
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D7359040-831C-4C53-8F3D-3E61AAF82C32&redir=true&gdpr=0&gdpr_consent=
Frame ID: EF3E444DD1362D0CE262E87735F341E2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD7359040-831C-4C53-8F3D-3E61AAF82C32
Frame ID: 7FA320746CF3A0A0FFD7C59E3970889F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7AA00A30E5B866B31D9E7A9ECCC643B6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Frame ID: F94804F1791955E5855D504BE58EF44B
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D0094D91AB0C65DE878C7D5632DD5211
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE9B4A73B8175B2BBD343186881C3FAD
Requests: 3 HTTP requests in this frame

Frame: https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: FDCC83683710500E51F1DD3706DAA3DD
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 2927A512C86490519B400C1DF4662FA9
Requests: 16 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 932C83439513D847FD65005C155EBCC5
Requests: 6 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: B8C5F1E1E08E4E84A6A87EA3A806DA0D
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 023A6D498A483E28D7E19FA0E7B23C6A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 5F69967DA910CF9F75808EF76BA8E775
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.614.1_en.html
Frame ID: BB1F741737E72C26664495FCAFF28CBD
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A22C27A56AEE4A1668588C2E081BD213
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Frame ID: 5AB95F31387D03D44D0838EE254656D8
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: A54B71FB16F44B5D8789BC6D08968DC9
Requests: 20 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=rkt&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=1791377156191064515
Frame ID: D17F512E04E033DC5F938BB2B47CF86E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dpba%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3DPM_UID
Frame ID: 316852935C7C99274BB09C38367F96E6
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5264239699130614520&gdpr=0&gdpr_consent=
Frame ID: 66E196E8990D3374FDBC663ABAEC027C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=324ac73e-b956-11ee-b644-b7871f57e117
Frame ID: 9166718AEFB3363BA198BC8959176045
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
Frame ID: 64A33FF9B004764AD3C6B6E1B5FEC182
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za63cAAQSQ9NFAAM
Frame ID: BF8EA7AED4503DF3CAD978B49AF157D5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: F139BB4E7D0C9934F969A0D4FAB92753
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 293A25F9A674981392C5B4906FC5C5D6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=05K1AIeQ4gHIxe0B0sL5VobGtlXIk-MA05BWtB4x
Frame ID: B20C80BC747E550ABB97461ADCD85D27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7NgiJul1RrZh45&gdpr=0&gdpr_consent=
Frame ID: E2F6915ED84AB3FA76A16F943DD22C17
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: BE95B5D55688A956610DCDADC2288AFC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eWKhpx5YUWtHALyFbQLb_aYAzQQ&gdpr=0&gdpr_consent=
Frame ID: BE8FB66AF4C0E62AAAF516C63EB07579
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 12CA3E17BF77EE70256741D52AA8AA3E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156191064515
Frame ID: 31654E47B0EC363DA04731AD9FAA66D0
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E1BE1969A14663FC188B28D4D5D0CA3F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU70a0bce6039d4daca1e59f3959e90c3e
Frame ID: 1C295ED7765505C12F0A32FF5B58117C
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 768D5581B1D9603D6F1B92619AD876A1
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 9FCE343379402B556A86EFA02F6DBA5A
Requests: 1 HTTP requests in this frame

Frame: https://ums.acuityplatform.com/tum?umid=6
Frame ID: 221C6CB63905BA391FC03BC0BCA9445A
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 2AC5B1486772391DDB9195C8F26EEDEA
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 3B6C1773468A042CFD8657246CA0C467
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7524496074
Frame ID: C6305098F4D9D01C22D7D5171C7583C4
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 264436967714C71FB593A4E0D71E9809
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 5B481EBA89CCB99A00AF7BC68E1A8146
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: BE043D6D7846519D2EDFEAC5DDEDA71A
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: DA36270A1DEC47BF99AA65BBF3C0D314
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D&gdpr=0&gdpr_consent=
Frame ID: FED1836B8F11455D3721DB42FBF628FB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=pba&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=D7359040-831C-4C53-8F3D-3E61AAF82C32
Frame ID: C1F56BA85E1425825EB0DBAE620A2865
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5th Edition SRD

Page URL History Show full URLs

  1. http://www.5esrd.com/ HTTP 301
    https://www.5esrd.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdks\.shopifycdn\.com
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

471
Requests

71 %
HTTPS

28 %
IPv6

102
Domains

160
Subdomains

98
IPs

8
Countries

6197 kB
Transfer

11273 kB
Size

154
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.5esrd.com/ HTTP 301
    https://www.5esrd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://www.5esrd.com/wp-admin/admin-ajax.php?action=ogn_getannouncement HTTP 301
  • https://www.5esrd.com/ajaxproxy/announcement.php?action=ogn_getannouncement
Request Chain 152
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 166
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=58fbe5a9-b66f-4901-b450-6160664523f2
Request Chain 167
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3489506357034093000V10
Request Chain 168
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AABf_k7LXW8AABMaNAEM6g&ex=beeswax.com
Request Chain 169
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3F66180D3274469DA5E9643B9D81CE1D&ex=simpli.fi&status=ok
Request Chain 170
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e6ff8e94f26kp8a00lrpa0c71
Request Chain 171
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=R6szywjTxz4ISx9CzGYb
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 174
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 175
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435
Request Chain 178
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 179
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5264239699130614520&ex=appnexus.com
Request Chain 180
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 181
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1331579128763342695977
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za63a9ER0Ln7WCxCRQYqhAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkT0WIiY4r6hLemPGL7sJ8&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za63a9ER0Ln7WCxCRQYqhAAADjkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkr_l2KenQmLm1Tm0kcPZU&google_cver=1
Request Chain 204
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za63a9ER0Ln7WCxCRQYqhAAA%263641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za63a9ER0Ln7WCxCRQYqhAAA%263641&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=39bf75f78b784646be336af46269396b HTTP 303
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=c371f3a46a0cf80ccb6bb53ce85259a1&lc_sha1=15d4ef2a428572900a9e39a893452a3378ab164e&lc_sha256=28fbaf00ae5a4767a5f448a07706ed924ac4c72e12adcf8eddc3dd7319f80d7a&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&gpdr= HTTP 302
  • https://p.alcmpn.com/em/173/117/2364.gif?gid=c371f3a46a0cf80ccb6bb53ce85259a1&eid=28fbaf00ae5a4767a5f448a07706ed924ac4c72e12adcf8eddc3dd7319f80d7a
Request Chain 206
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721673835&external_user_id=0bb679ad-da5b-422b-904c-81bc7a215aaf
Request Chain 207
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d414e492-7044-4560-a63c-3de6bd8268d4
Request Chain 208
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=324ac73e-b956-11ee-b644-b7871f57e117
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5vsCtWSqCPe-6QiGVf9OI&google_cver=1
Request Chain 239
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za63a9ER0Ln7WCxCRQYqhAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9QENpwqGhqogIXSootYac&google_cver=1
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGgXv6YGzeAxrpGWvIpiK00&google_cver=1
Request Chain 241
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
Request Chain 244
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5264239699130614520&gdpr=0&gdpr_consent=
Request Chain 245
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU70a0bce6039d4daca1e59f3959e90c3e&gdpr=0&gdpr_consent=&pid=103
Request Chain 246
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/universal/v1?supply_id=7yx5VOUe HTTP 302
  • https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
Request Chain 247
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1705949036022 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5540568046 HTTP 302
  • https://sync.1rx.io/usersync/turn/4468107433271758181?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-82936826-9fe8-451e-b84d-303146b39ef7-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
Request Chain 248
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SUNRampCWkg3OHNrX1RiTVR0LTJKZFlK&gdpr=0
Request Chain 250
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZDY2MzBlNGQtNGEyZC00NTI1LWEyY2UtMGI2ZGUxNDlmNmRm HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 252
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5264239699130614520
Request Chain 253
  • https://sync.1rx.io/usersync2/sharethrough HTTP 302
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1705949035998 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1781057330 HTTP 302
  • https://sync.1rx.io/usersync/turn/4540165027309686117?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-82936826-9fe8-451e-b84d-303146b39ef7-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN6rrXs0MZtW41hZcaLkaM&google_cver=1
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za63a9ER0Ln7WCxCRQYqhAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_-2cA_5ZGV1Lc9d85vkgA&google_cver=1
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDlk9LmvfYLXY7pM_j-Il14&google_cver=1
Request Chain 257
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=a2k2aE9tOE1RYmdySmFTaHJwVmYxQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH3Vy9YuvSvMavywFI3BNJc&google_cver=1
Request Chain 260
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435&nuid=&gdpr_consent=&gdpr=0
Request Chain 263
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8851619772679151664
Request Chain 265
  • https://match.adsrvr.org/track/cmf/openx?oxid=eb2f4fe2-24d0-3673-5ec3-3bf34da8f25e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=eb2f4fe2-24d0-3673-5ec3-3bf34da8f25e&gdpr=0&gdpr_consent=
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOPMkGx0BmZbrgOXpeddtY&google_cver=1
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1zWQQIMcTFOPPT5hqvgsMg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 274
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D7359040-831C-4C53-8F3D-3E61AAF82C32 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D7359040-831C-4C53-8F3D-3E61AAF82C32 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9b244153-841e-453a-bde1-70992b73f94e%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDczNTkwNDAtODMxQy00QzUzLThGM0QtM0U2MUFBRjgyQzMy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECBX12YvFj5nEPZwSITg0us&google_cver=1
Request Chain 279
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D
Request Chain 280
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
Request Chain 322
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 323
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMzMTU3OTEyODc2MzM0MjY5NTk3Nw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELb1BdRV62oZbgZDatsDOtk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 325
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMzMTU3OTEyODc2MzM0MjY5NTk3Nw%3D%3D
Request Chain 327
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1331579128763342695977?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vSlkB8tE2oQBrzzr1n.rJEJRQYqn5BjBahvBsqMS_Q--~A&dongle=0883
Request Chain 328
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1331579128763342695977&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1331579128763342695977&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8afe8626-c4c1-4ba3-8d49-84dc68781890&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 330
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5264239699130614520&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 337
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=eWKhpx5YUWtHALyFbQLb_aYAzQQ
Request Chain 338
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=NHnF3o1Wj124t3dEnrHI5A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 340
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=7619955c-c7b9-43f4-9049-993b7e492194 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=7619955c-c7b9-43f4-9049-993b7e492194 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=7bc5428f-74f5-4fe2-8312-34d603a2b65e&user_group=1&ssp=openx&bsw_param=7619955c-c7b9-43f4-9049-993b7e492194 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&us_privacy=
Request Chain 341
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=oXgCOkh_icqczsnl2wUCb6dOHmbHXQ4ixr4-8HV1R1k&pi=openx&gdpr=0&tc=1
Request Chain 342
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qCzHwfwukMCze5_AqXyLl_14xJSzLZHBqC67A53Y
Request Chain 346
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Request Chain 349
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID HTTP 302
  • https://sync.colossusssp.com/ap.gif?puid=5264239699130614520 HTTP 302
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432 HTTP 302
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU70a0bce6039d4daca1e59f3959e90c3e HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
Request Chain 350
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1 HTTP 302
  • https://sync.colossusssp.com/td.gif?puid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttl=1708541037 HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
Request Chain 352
  • https://id.rlcdn.com/712075.gif?ct=2&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CIu7KxoNCO3uuq0GEgUI6AcQAEIASgA HTTP 307
  • https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid= HTTP 302
  • https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
Request Chain 353
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=VESUbiittUiZO3GX6dGv&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA] HTTP 302
  • https://x.bidswitch.net/sync?ssp=huddledmss HTTP 302
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=huddledmss&gdpr=&gdpr_consent=&us_privacy= HTTP 303
  • https://x.bidswitch.net/sync?user_id=AABf_k7LXW8AABMaNAEM6g&dsp_id=269&expires=5&ssp=huddledmss HTTP 302
  • https://sync.colossusssp.com/bidswitch.gif?puid=99ac63e3-e16d-4a63-aae4-f6f4e132d491 HTTP 302
  • https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
Request Chain 356
  • https://match.prod.bidr.io/cookie-sync/col HTTP 303
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AABf_k7LXW8AABMaNAEM6g HTTP 302
  • https://id.rlcdn.com/712075.gif?ct=2&cv=
Request Chain 357
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=bf94023f-32db-4796-a13b-f1630153aa5a HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D9b244153-841e-453a-bde1-70992b73f94e%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5264239699130614520&pt=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
Request Chain 358
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432 HTTP 302
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU70a0bce6039d4daca1e59f3959e90c3e HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Request Chain 363
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 364
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Drkt%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=rkt&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=1791377156191064515
Request Chain 367
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dcon%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=con&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035437&gdpr_consent=&gdpr=0
Request Chain 368
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dopx%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=opx&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=2303267d-8fd0-0c93-3d8c-459dff476082
Request Chain 369
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dr1%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8007836238 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dr1%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3DRX-82936826-9fe8-451e-b84d-303146b39ef7-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=r1&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ4OTUwNjM1NzAzNDA5MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELsv6I2zgk5eg8fVKNe2jpU&google_cver=1
Request Chain 371
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Ddxu%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Ddxu%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=dxu&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=j7NgiJul1RrZh45
Request Chain 372
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=eff25136-4af8-4ea6-abc8-49da811f8a17&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=7619955c-c7b9-43f4-9049-993b7e492194&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dmedianet%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=PE3QoATcLvodKjQNwOfj0 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 374
  • https://match.sharethrough.com/universal/v1?supply_id=zKJmsEAd HTTP 302
  • https://cs.media.net/cksync.php?cs=3&type=shr&ovsid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
Request Chain 375
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=R6szywjTxz4ISx9CzGYb
Request Chain 376
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3489506357034093000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3489506357034093000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=376d755f-73d2-42f8-9786-f8df9b0ce467&cs=1
Request Chain 377
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2
Request Chain 389
  • https://sync.1rx.io/usersync2/rmpssp?sub=vidazoo&us_privacy=1---&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dunruly%26userId%3DRX-82936826-9fe8-451e-b84d-303146b39ef7-005%26us_privacy%3D1--- HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-82936826-9fe8-451e-b84d-303146b39ef7-005&us_privacy=1---
Request Chain 394
  • https://u.openx.net/w/1.0/cm?cc=1&id=4241c706-9fd2-4ae4-b2d7-c9f8d34e773c&ph=f4cc9fb1-057b-4e7a-b393-325ee9109574&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dopenx%26userId%3D%7BOPENX_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=19a03e87-ab8b-0dc5-21c9-79f7fc0f4635&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 399
  • https://adrta.com/i?kv26=WINDOWS&kv2=https%3A%2F%2Fwww.5esrd.com&paid=pngl&kv15=CA&kv11=61135p2C4t_qca1vqyKY3z8hIXvAu7217&kv12=945271561&caid=1775542441621505&kv3=8e6b5b7df24a06af5761947d22d94188&kv10=&kv17=-106.350&kv28=_&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&clid=bd&plid=1779195391058994&kv16=56.130&avid=7234043075373350914&publisherId=39496&kv4=2001%3A4958%3A1420%3A%3A&kv24=web HTTP 302
  • https://ipds.adrta.com/i?__x=GKKFGCIHKDI@HBGPNJNEFLKJMMIJFGNOFBIMFJNLPEJPONG@KLILMGFFHKLFMOFHHNMBFNHKOINHJMPPHAJIHKFNMLJFLKLGJQLKN@INELQJOEHPPMICFAE@H&kv26=WINDOWS&kv2=https%3A%2F%2Fwww.5esrd.com&paid=pngl&kv15=CA&kv11=61135p2C4t_qca1vqyKY3z8hIXvAu7217&kv12=945271561&caid=1775542441621505&kv3=8e6b5b7df24a06af5761947d22d94188&kv10=&kv17=-106.350&kv28=_&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&clid=bd&plid=1779195391058994&kv16=56.130&avid=7234043075373350914&publisherId=39496&kv4=2001%3A4958%3A1420%3A%3A&kv24=web
Request Chain 410
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&gdpr_consent=1---&khaos=LRPA0F1C-1G-CTBF HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPA0F1C-1G-CTBF&gdpr_consent=1---
Request Chain 411
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&gdpr_consent=1---&khaos=LRPA0F0Y-K-6SPU HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Request Chain 412
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJQQTBGMFktSy02U1BV&gdpr_consent=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr_consent=1---&google_gid=CAESEDqprCS1rOv0X8fVvX6QRSg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQQTBGMFktSy02U1BV&google_push=&gdpr_consent=1---
Request Chain 413
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=1---&dcc=t
Request Chain 414
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU2NDllNDFjYWZmNzlhMGVmNWI1OTk3OGQ0YzYyYTIxYWQ1MTc3MQ&gdpr_consent=1---
Request Chain 415
  • https://token.rubiconproject.com/token?pid=36584&gdpr_consent=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Request Chain 416
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/A6Nu6FNgLplWJ5-n1momXg?csrc=&gdpr_consent=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fnbk2bRE2oKAjbg.q7PxpVVr2SzFjJv5dZ81mQ--~A&gdpr=0&gdpr_consent=1---
Request Chain 417
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=&expires=30
Request Chain 418
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr_consent=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRPA0F0Y-K-6SPU&ex=d-rubiconproject.com&status=ok&gdpr_consent=1---
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=1---&put=CAESECaZO3v3tBHXa2edIiHjGWU&google_cver=1
Request Chain 420
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=1---&dcc=t
Request Chain 422
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRPA0F0Y-K-6SPU&redir=true&gdpr_consent=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRPA0F0Y-K-6SPU&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1oZnh4bE14RTJ1SEN6a0JZZm9LRkVYUXV3VEtld1lEa35B&ovsid=LRPA0F0Y-K-6SPU&dpid=58160
Request Chain 423
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr_consent=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Request Chain 424
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr_consent=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Request Chain 425
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr_consent=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRPA0F0Y-K-6SPU&gdpr_consent=1--- HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRPA0F0Y-K-6SPU
Request Chain 426
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr_consent=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Request Chain 427
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr_consent=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b6cdda2-ebe1-48ad-8cff-faacb5f8f63d&expires=30&gdpr_consent=1---
Request Chain 428
  • https://match.sharethrough.com/universal/v1?supply_id=TAEWcTBw&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d6630e4d-4a2d-4525-a2ce-0b6de149f6df&gdpr=0
Request Chain 429
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---?gdpr=0&gdpr_consent=&us_privacy=1---&uid=${BSW_UUID}&cookie_age=${COOKIE_AGE} HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 432
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5264239699130614520&gdpr=0&gdpr_consent=
Request Chain 433
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=324ac73e-b956-11ee-b644-b7871f57e117
Request Chain 434
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZl9rN0xYVzhBQUJNYU5BRU02Zw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABf_k7LXW8AABMaNAEM6g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
Request Chain 435
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za63cAAQSQ9NFAAM
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=8a89f9fd-b677-403c-8636-e2645c1e8c32&expires=1&user_group=2&ssp=pubmatic&bsw_param=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 438
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=05K1AIeQ4gHIxe0B0sL5VobGtlXIk-MA05BWtB4x
Request Chain 439
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7NgiJul1RrZh45&gdpr=0&gdpr_consent=
Request Chain 440
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7359040-831C-4C53-8F3D-3E61AAF82C32&vxii_pid=12&vxii_pid1=10067&vxii_rcid=710a6a01-0773-4996-a27b-96cd96c33680
Request Chain 444
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D7359040-831C-4C53-8F3D-3E61AAF82C32&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jCv1tqVE2uU7H59qas5INHhIhQfmzDQ-~A&gdpr=0
Request Chain 445
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8810df01-36ca-42ca-8d7f-8b9d2a1b9311&gdpr=0&gdpr_consent=
Request Chain 446
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035440&nuid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr_consent=&gdpr=0
Request Chain 447
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=27c0b7aa-ed19-4030-84dc-1a54ef7b188b-65aeb770-5553&gdpr=0&gdpr_consent=
Request Chain 450
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eWKhpx5YUWtHALyFbQLb_aYAzQQ&gdpr=0&gdpr_consent=
Request Chain 451
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 452
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156191064515
Request Chain 454
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU70a0bce6039d4daca1e59f3959e90c3e
Request Chain 460
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7524496074
Request Chain 465
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D&gdpr=0&gdpr_consent=
Request Chain 468
  • https://idsync.rlcdn.com/712188.gif?partner_uid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=02c21282874617ffdcaf137f5574c484c39b246a02bafcb0c7caccabaeebec42791426b5417dce21&_=2
Request Chain 471
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4468107433271758181&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 474
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=oXgCOkh_icqczsnl2wUCb6dOHmbHXQ4ixr4-8HV1R1k&pi=pubmatic&gdpr=0&gdpr_consent=
Request Chain 475
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8851619772679151664

471 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.5esrd.com/
Redirect Chain
  • http://www.5esrd.com/
  • https://www.5esrd.com/
46 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c899c3c18e019626d24a9b9ffc38ff02c4a895b88b228fba8eb1e821531d3ca9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 22 Jan 2024 18:43:49 GMT
ETag
W/"65ab559c-b7eb"
Last-Modified
Sat, 20 Jan 2024 05:09:48 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-OGN-Cachefile
/wp-content/cache/supercache/www.5esrd.com///index-https.html
X-OGN-config
wp

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 22 Jan 2024 18:43:49 GMT
Location
https://www.5esrd.com/
Server
nginx/1.18.0 (Ubuntu)
ogncustom.css
www.5esrd.com/wp-content/plugins/ogncustom/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/plugins/ogncustom/css/ogncustom.css?ver=1679498775
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e5f2cb20ed23c7594509f54d0a2cc5a81ea70523c5bec55624b56e7f41ca6acc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:49 GMT
X-OGN-FILE
/wp-content/plugins/ogncustom/css/ogncustom.css
Content-Encoding
gzip
Last-Modified
Wed, 22 Mar 2023 15:26:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"641b1e17-cbc"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:49 GMT
screen.min.css
www.5esrd.com/wp-content/plugins/table-of-contents-plus/ 		1 KB
866 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2309
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:49 GMT
X-OGN-FILE
/wp-content/plugins/table-of-contents-plus/screen.min.css
Content-Encoding
gzip
Last-Modified
Fri, 29 Dec 2023 13:49:30 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"658ece6a-484"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:49 GMT
style.css
www.5esrd.com/wp-content/themes/quickstrap/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/quickstrap/style.css?ver=cd5e61633b765dfeb1732bf8e373920f
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0db8b3e2f4ab7d39f93e1184fc7341e9b08d3cf69bd0816151dd80098e5da526

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/quickstrap/style.css
Content-Encoding
gzip
Last-Modified
Sun, 01 Nov 2020 17:50:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"5f9ef55e-c2c"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
style.css
www.5esrd.com/wp-content/themes/srdtheme/css/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/srdtheme/css/style.css?ver=1.15.1
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1c22134c6e0a3e8da76ec971c8c00a2cdcaab8d7db75ea982faf2cce2d0b0caa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/srdtheme/css/style.css
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 21:30:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"654bfdff-7f0d"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
bootstrap.min.css
www.5esrd.com/wp-content/themes/quickstrap/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/quickstrap/css/bootstrap.min.css?ver=3.3.6
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/quickstrap/css/bootstrap.min.css
Content-Encoding
gzip
Last-Modified
Sun, 01 Nov 2020 17:50:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"5f9ef55e-1d970"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
4.css
www.5esrd.com/wp-content/themes/srdtheme/css/sites/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/srdtheme/css/sites/4.css?ver=1675260294
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
17d6c4c8e44fb37c82599d9c5eb72c76d5b8b0ee57041135fdcc3e712e1eedad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/srdtheme/css/sites/4.css
Content-Encoding
gzip
Last-Modified
Wed, 01 Feb 2023 14:04:54 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"63da7186-178d"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
excel-bootstrap-table-filter-style.min.css
www.5esrd.com/wp-content/themes/srdtheme/css/ 		1 KB
853 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/srdtheme/css/excel-bootstrap-table-filter-style.min.css?ver=1697803649
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e63c4842f858ac22c87870f9090f90b697cfb02f7b8b5b9d4b261cb8733d7a18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/srdtheme/css/excel-bootstrap-table-filter-style.min.css
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 12:07:29 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65326d81-46a"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
font-awesome.min.css
www.5esrd.com/wp-content/themes/quickstrap/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/quickstrap/font-awesome/css/font-awesome.min.css?ver=4.5.0
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/quickstrap/font-awesome/css/font-awesome.min.css
Content-Encoding
gzip
Last-Modified
Sun, 01 Nov 2020 17:50:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"5f9ef55e-7918"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
dnd5e.min.css
www.5esrd.com/wp-content/plugins/ogncustom/systems/dnd5e/ 		56 B
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/plugins/ogncustom/systems/dnd5e/dnd5e.min.css?ver=1660863666
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3198778b9f0c39cb5e05832491297ef9471917055304f8056900b0c47370d9ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/plugins/ogncustom/systems/dnd5e/dnd5e.min.css
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 23:01:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62fec4b2-38"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
jquery.js
www.5esrd.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/jquery.js
Content-Encoding
gzip
Last-Modified
Tue, 08 Oct 2019 08:45:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"5d9c4cb9-17a6a"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
jquery-migrate.min.js
www.5esrd.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/jquery-migrate.min.js
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 06:11:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"573eaa90-2748"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
srdtheme.js
www.5esrd.com/wp-content/themes/srdtheme/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/srdtheme/js/srdtheme.js?ver=1697803305
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b62de47457c752650aa780ee09a46f9f8f48ac4741507dd921cc07bf028cc119

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/srdtheme/js/srdtheme.js
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 12:01:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65326c29-8b1"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
bootstrap.min.js
www.5esrd.com/wp-content/themes/quickstrap/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/quickstrap/js/bootstrap.min.js?ver=3.3.6
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/quickstrap/js/bootstrap.min.js
Content-Encoding
gzip
Last-Modified
Sun, 01 Nov 2020 17:50:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"5f9ef55e-90b5"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
ognbar.min.js
account.opengamingnetwork.com/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.opengamingnetwork.com/js/ognbar.min.js?ver=cd5e61633b765dfeb1732bf8e373920f
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e8deae5cc4ba74a776214b218852d39046f01ae257ffb2077caeb8a0d8a4aaa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
Last-Modified
Fri, 10 Nov 2023 20:07:32 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"654e8d84-1f66"
Content-Type
application/javascript
Cache-Control
max-age=120
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8038
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff33b8b88ad5254a11d09ba955831b451e51d63df876e711cb5d8f1200e935f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51095
x-xss-protection
0
server
cafe
etag
298935648105275596
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 22 Jan 2024 18:43:51 GMT
ads-102.js
s.nitropay.com/ 		552 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ads-102.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40459086c6383ee3b43c8a19c205bd8dd08511237d922150b242194b51d98d18
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1704586008
age
13208
x-guploader-uploadid
ABPtcPqXNjtrtjhEfkiDe-FFflp_CHOmBzZYUjMSCOkPpNQvJcF8piPxhjhybHcOFuR3Fzl03vhmzsqRjQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jan 2024 15:03:17 GMT
server
cloudflare
etag
W/"afdd79a91f0c7fd15f1d5b3217f999f1:1705935797000:CA"
vary
Accept-Encoding
x-goog-generation
1704586765760529
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=YBJYJQ==, md5=r915qR8Mf9FfHVsyF/mZ8Q==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
561356
cf-ray
8499f1df1e1da1ec-YYZ
expires
Tue, 23 Jan 2024 03:03:42 GMT
rss.png
www.5esrd.com/wp-includes/images/ 		608 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5esrd.com/wp-includes/images/rss.png
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/images/rss.png
Last-Modified
Wed, 07 Nov 2012 18:49:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"509aad26-260"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
608
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Up1Blue.png
www.5esrd.com/wp-content/themes/srdtheme/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5esrd.com/wp-content/themes/srdtheme/images/Up1Blue.png
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4b7dacff7f4549a26231147fa50ae904b1712cfabb9c93e3c1b74fc1d2664f8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/themes/srdtheme/images/Up1Blue.png
Last-Modified
Fri, 20 Oct 2023 12:01:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65326c29-1e3f"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7743
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YS1HY85X30
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24c5e57cca2bfe6dec307f8ec7b59ef093e25a02889120bb9a40d1d908daeb8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94055
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:51 GMT
ogn.js
www.5esrd.com/wp-content/plugins/ogncustom/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/plugins/ogncustom/js/ogn.js?ver=1660863666
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed181744154597db05bb1bfbd9273e3f742fadcf9119e9fa3d1c72036c73bd7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/plugins/ogncustom/js/ogn.js
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 23:01:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62fec4b2-dbb"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
ogn-shopify.js
www.5esrd.com/wp-content/plugins/ogncustom/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/plugins/ogncustom/js/ogn-shopify.js?ver=1660863666
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9e0005c7319222a7be5dfb42f9727d20cd3d73f37f6dc0f82dfdb0441bc8680b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/plugins/ogncustom/js/ogn-shopify.js
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 23:01:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62fec4b2-1890"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
ogn-nav.js
www.5esrd.com/wp-content/plugins/ogncustom/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/plugins/ogncustom/js/ogn-nav.js?ver=1660863666
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
26d89426163cf206b5254248cde498f43b51fe89bb4aa5fba1f12ffaebdaa876

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/plugins/ogncustom/js/ogn-nav.js
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 23:01:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"62fec4b2-19a1"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
front.min.js
www.5esrd.com/wp-content/plugins/table-of-contents-plus/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2309
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/plugins/table-of-contents-plus/front.min.js
Content-Encoding
gzip
Last-Modified
Fri, 29 Dec 2023 13:49:30 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"658ece6a-180f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
core.min.js
www.5esrd.com/wp-includes/js/jquery/ui/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/ui/core.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-f59"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
widget.min.js
www.5esrd.com/wp-includes/js/jquery/ui/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/ui/widget.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-1ab0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
mouse.min.js
www.5esrd.com/wp-includes/js/jquery/ui/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/ui/mouse.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-c46"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
effect.min.js
www.5esrd.com/wp-includes/js/jquery/ui/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9b38de84848aa5c208007506fc9d8dc53ded3962800b09f83b6d093555ba779f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/ui/effect.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-33aa"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
effect-blind.min.js
www.5esrd.com/wp-includes/js/jquery/ui/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d5c5de31ad9d64a23beda3d8ec60183ca3ca1d19777d15e3ef4bf42c27924a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/ui/effect-blind.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-469"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
draggable.min.js
www.5esrd.com/wp-includes/js/jquery/ui/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
24539433fce4b27fc6c4a4c471eb078a394d562681dc15f3b7f1fc1550ab41f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-includes/js/jquery/ui/draggable.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-4979"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:50 GMT
droppable.min.js
www.5esrd.com/wp-includes/js/jquery/ui/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/jquery/ui/droppable.min.js?ver=1.11.4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cb578ed9307a8912ee5bbd79f91b80fec2abe28042e6bd03a83c679f33005411

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
X-OGN-FILE
/wp-includes/js/jquery/ui/droppable.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-1856"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:51 GMT
excel-bootstrap-table-filter-bundle.min.js
www.5esrd.com/wp-content/themes/srdtheme/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/srdtheme/js/excel-bootstrap-table-filter-bundle.min.js?ver=1697803305
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cff9519362013d9ecc4540de0afb74bd85ccd74a3496a216b95c4abae6022d5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
X-OGN-FILE
/wp-content/themes/srdtheme/js/excel-bootstrap-table-filter-bundle.min.js
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 12:01:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65326c29-1f22"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:51 GMT
wp-embed.min.js
www.5esrd.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/wp-embed.min.js?ver=cd5e61633b765dfeb1732bf8e373920f
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
X-OGN-FILE
/wp-includes/js/wp-embed.min.js
Content-Encoding
gzip
Last-Modified
Mon, 25 Dec 2023 00:29:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6588ccce-5a3"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:51 GMT
wp-emoji-release.min.js
www.5esrd.com/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-includes/js/wp-emoji-release.min.js?ver=cd5e61633b765dfeb1732bf8e373920f
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:52 GMT
X-OGN-FILE
/wp-includes/js/wp-emoji-release.min.js
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 12:33:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61570002-2ea7"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Tue, 23 Jan 2024 18:43:52 GMT
tag
btloader.com/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
447825c34846cdfd707880a9dabb190f1da402b4ebb9ef87248873dff88177a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 17:52:49 GMT
server
cloudflare
age
2930
etag
"fed02217227df63a93a2c30b691d5c51"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8499f1f01f0d39e1-YYZ
content-length
27697
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d815064fc8083cb203c0c5912f34e891e5ab69d781d63fb5d0f5709d78f10bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29397
x-xss-protection
0
server
cafe
etag
351 / 19744 / m202401170101 / config-hash: 11333144799641635771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 18:43:53 GMT
1.gif
s.nitropay.com/ 		42 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
152403
x-guploader-uploadid
ABPtcPqLYjmy0l3HWtpSPF-L4pKOx79GV_1qyV6pgfMKlGy-5XGo19fqtSOf5wtGDX4z2KENLA
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
8499f1f13810a1ec-YYZ
expires
Sun, 28 Jan 2024 00:23:50 GMT
paper-background-146857304309p.jpg
www.5esrd.com/wp-content/uploads/sites/4/2018/07/ 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5esrd.com/wp-content/uploads/sites/4/2018/07/paper-background-146857304309p.jpg
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d2fc753bf9543b229f376ad7debb0a291564f7938ed7e0b954ed733f60562ceb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
X-OGN-FILE
/wp-content/uploads/sites/4/2018/07/paper-background-146857304309p.jpg
Last-Modified
Wed, 18 Jul 2018 16:39:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5b4f6d5f-5cde5"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
380389
Expires
Thu, 31 Dec 2037 23:55:55 GMT
glyphicons-halflings-regular.woff2
www.5esrd.com/wp-content/themes/quickstrap/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/wp-content/themes/quickstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/wp-content/themes/quickstrap/css/bootstrap.min.css?ver=3.3.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://www.5esrd.com/wp-content/themes/quickstrap/css/bootstrap.min.css?ver=3.3.6
Origin
https://www.5esrd.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:50 GMT
Last-Modified
Sun, 01 Nov 2020 17:50:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5f9ef55e-466c"
Content-Type
application/octet-stream
X-OGN-Cachefile
/wp-content/cache/supercache/www.5esrd.com//wp-content/themes/quickstrap/fonts/glyphicons-halflings-regular.woff2/index-https.html
Connection
keep-alive
Accept-Ranges
bytes
X-OGN-config
wp
Content-Length
18028
gpp-1a69fb4.min.js
s.nitropay.com/ 		255 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/gpp-1a69fb4.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3f38fbc4379406a164b12ef71390cd60266256f54c063a33fb160e1c447288
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
152403
x-guploader-uploadid
ABPtcPpG0mFDVL56JQf_mKhOr_iZhsMvcXkQDJ7XVO5kbEjSiTs9WlvTWk4YIrw6mYs-MzkPBmk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Nov 2023 19:45:05 GMT
server
cloudflare
etag
W/"2521d464f1350923e1868e68d5b9e8c5"
vary
Accept-Encoding
x-goog-hash
crc32c=rG3Gsg==, md5=JSHUZPE1CSPhho5o1bnoxQ==
x-goog-generation
1700682305462354
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
x-goog-stored-content-length
261066
cf-ray
8499f1f198f0a1ec-YYZ
expires
Sun, 28 Jan 2024 00:23:50 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:40:46 GMT
content-encoding
gzip
via
1.1 c35f767218cbd1125d801b52fa785c8c.cloudfront.net (CloudFront), 1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:23 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-C2
age
188
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
5OWnBRipliUgO1kOh9lHGchterJtOdMlV5SgkGTUnCobCISMX8e9Rw==
102
t.nit.ro/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/a/102?d=eyJocmVmIjoiaHR0cHM6Ly93d3cuNWVzcmQuY29tLyIsInYiOjk1LCJhIjpmYWxzZSwicyI6dHJ1ZSwiYyI6IkNBIiwiciI6IlFDIn0%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
9330a8bb7faa08d0c3fa21d83ec6f576
date
Mon, 22 Jan 2024 18:43:51 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
7YA5GpHg48S818VCt31NAA.woff2
fonts.gstatic.com/s/volkhov/v8/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/volkhov/v8/7YA5GpHg48S818VCt31NAA.woff2
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/wp-content/themes/srdtheme/css/style.css?ver=1.15.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a73e5b3901db371fcc06ca7e8e1849390f002bfd6631e29842e1319e5d599e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
Origin
https://www.5esrd.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 10:44:51 GMT
x-content-type-options
nosniff
age
201540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31276
x-xss-protection
0
last-modified
Tue, 19 Aug 2014 23:54:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 10:44:51 GMT
auction
tlx.3lift.com/header/ 		19 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.5esrd.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
accept-ch
sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		0
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		190 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
5ebcaf9329f3070502162e0d5e8f748a633e2faf321e4797e1c1924dc0549bee

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
190
expires
0
bid
ap.lijit.com/rtb/ 		24 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
d7f78356795807c99aa29807dd2e07a7119dfe67a13207dcdb8bb1904a251b2f

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.5esrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
prebid.media.net/rtb/ 		17 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
7a7130c39979be1507d68cdd7242fd6c7ed6fa1d56959c511537ca4714ebdac7

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:51 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=299512
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c180af1fb54463c53f8c57103a5a7733ecf24ea3ff16829db3800e2c762d21e

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=watbNWIMVgEcNGznyG%2BGUm3Hhs8He3lerXtUabPY2m8bEY218Q%2FPjv%2BxCuS60MgUfeMKQ%2FRE5%2FFGjJNDk7CPeaLqmwj3VNIfq15Jjz4474Cbn98Hmrnzr9oAgm9muh99oB5oaDSs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8499f1e40aaf36da-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
115 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
an-x-request-uuid
dd59d54b-334c-407a-ac2b-44e4e4a8e305
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
38c84d4eb9c10d7d6c88f407670064f6120ec6ff7dbb59d75b8cca307492f061

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
64ad08781b504dd7d06be9f7
prebid.cootlogix.com/prebid/multi/ 		0
942 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/64ad08781b504dd7d06be9f7
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.160.239 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
cdb
bidder.criteo.com/ 		0
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=91740415640&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=5506304065&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
339 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
61bcd15df07a6db7485a025ad2d767d96e67db06a6afc7998fde8b5c004dba6e

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ 		0
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		192 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
32fdc08e416efc18543a67a1c5a74389e5d797b5edd09e73dba83ad91c1eff5e

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
192
expires
0
64ad08781b504dd7d06be9f7
prebid.cootlogix.com/prebid/multi/ 		0
941 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/64ad08781b504dd7d06be9f7
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.160.239 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
86a8498715f70ee20d8dd02774e1397846ad35e229c1f7b019a3d5c902c7e971

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:50 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
117
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:51 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=299512
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61381ba783e477d9c4800abb2a4e39bf9aada70ee0192b7e118b8ef52523254

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K190RTIP%2BjVjBQohHUHuRDww7HXCJF1KoqqBzcaNx0LhhfIvmoylLwPj7XXYOa9fTJsVrv5BP0PCuPKWZo8iocs0w5YpCFwJkQgif66QrKqtOG3XU4fP9%2BrlCqo3ZsBBOcAIFuTU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8499f1e40ac336da-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
698 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6553c68622529bcfc49abca8fffa4d8b50b4ddfe4f81f2ff66b15ef28d03c748
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
an-x-request-uuid
84a23b85-8abc-4ba2-8dcc-42cc971f87d5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b7ecdcc0bc5edb80b01fa2273a715a40622f1b72588ee99fc60951e91c1d4c59

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.5esrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
817 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.5esrd.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
accept-ch
sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
01b745685caf86b20552ffcd0e0199e6c30744035a7a5e2e26523d5cbe5211a1

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid
ap.lijit.com/rtb/ 		24 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
4cc95076471b4cd2e971c4e7033c5a80e1152f2206b3cd9294bee9d03d55c10e

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.5esrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		192 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
3a27166647c773fb21d29685b1ca4070255da70ece7518c1e31f4a6c59692470

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
192
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=299509
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95e2be74bab5505b36b35efe8e18679d964ff4876d1f39b2ecdd5163bd8b9ca

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYdOI2785fwepFWyG4f3beBivkqsqPSsv49C9UMn9lnG7mWsW2kP1%2Fl3Kka%2Fnls09gwyahs9gCcPq6OD7YtRQ4Suga7iulcIK%2BQOkfeCcEXXbUzODS93HNGS5%2B7SUB2DggCqJHlH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8499f1e40ac936da-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
trinity.json
apex.go.sonobi.com/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
819 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.5esrd.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
accept-ch
sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
771 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
cc2aa60d2c4f730c1797114a4d9d680b599088c6645dca8fe9d708feed136865

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:50 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:51 GMT
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=25730763609&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
64ad08781b504dd7d06be9f7
prebid.cootlogix.com/prebid/multi/ 		0
940 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/64ad08781b504dd7d06be9f7
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.160.239 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ea54a8f952127f36c8ba976391617645b4fe893a307d1a693e3f04aeb5a439aa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
an-x-request-uuid
2f2ee46b-f947-494e-a59c-3de3f9f3398b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
o9.js
v.nitropay.com/ 		781 KB
225 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v.nitropay.com/o9.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
b7e1f0b6cb6c8752fc70e6587a8f3954a1dca3f2aa9d129fdf44efec9f1e36ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
content-encoding
br
cdn-edgestorageid
1029
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
01/03/2024 11:14:53
cdn-pullzone
602660
last-modified
Thu, 20 Oct 2022 00:05:47 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
268
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"635090db-c3556"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
cache-control
public, max-age=31919000
cdn-requestid
f728d545ccce1453825b20ce43a7d0c7
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
oa.css
v.nitropay.com/ 		25 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.nitropay.com/oa.css
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
4144937e0db08cfe72f574dda72b1f5f08a1a70614a8faa4e8d8fac6eac1ffd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
br
cdn-edgestorageid
940
perma-cache
HIT
cdn-storageserver
NY-267
cdn-cachedat
11/22/2023 02:12:56
cdn-pullzone
602660
last-modified
Wed, 19 Oct 2022 23:21:04 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
353
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"63508660-654d"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
4bc86c7459e4a2cb3ad9359f0edc0fd8
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
trinity.json
apex.go.sonobi.com/ 		0
0
bid
ap.lijit.com/rtb/ 		25 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
32f864e9339d3098d0edd89674ecbde7fcd10cc5677cab6fc6c23eacd94f29b8

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.5esrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
prebid.media.net/rtb/ 		1 KB
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
29dd3dd65ecc23716091c9fa1d3c063b5cf52333b39214176b8b2c85f57ad263

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:50 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:51 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		192 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
945f09bf766708b35df35ee4a36d87ae9cb12b67c39ec3b717f5b9d0325decd7

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
192
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e0774a9eb51266a63771a36ec16e4d63fec41a0a76935c48acfd79cb521bac4c

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
64ad08781b504dd7d06be9f7
prebid.cootlogix.com/prebid/multi/ 		0
946 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/64ad08781b504dd7d06be9f7
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.160.239 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=47482151348&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.5esrd.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
accept-ch
sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=299512
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670b99de51bf43d0aca4ead7a22766669bcb32dc7f8fefff39674c3a1b017318

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sinP2FXik36gSDdOYYthy2dt882%2BEEJWkiIqBQe9AlueNXz9Yf4tkbbJ3hYJoCJ6g18HXusHR681HGhwsWLog%2BCNTVPAQUuXleepbKc72DzCknpPAb7v7MwDMJyQp1Jd%2F09BdvS2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8499f1e40ac736da-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
an-x-request-uuid
cfda2a56-1220-4892-944e-4ceba1b3e579
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
buy-button-storefront.min.js
sdks.shopifycdn.com/buy-button/latest/ 		366 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf41f73936eefaed7c45ed6df28b056c2e1f7b44b0ffe63d56d07d081cf7f428
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
414
content-encoding
br
server-timing
imagery;dur=209.819, imageryFetch;dur=209.582, cfRequestDuration;dur=24.999857
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
66cea53e-7dc9-43f2-8320-ee4cd5298871
last-modified
Mon, 22 Jan 2024 18:14:43 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3exr06CiAg%2BESOFNc%2FFcgrXhTgwxpUyO%2BlQw6dj%2FW8eROCW6LjZwjADTEIa9e%2FAGcxpqYfsDwKj%2BKyqXVmrokmRVpA0hjJYCNHF1003pkBy0PbZD1axdua%2BunB1%2Fq%2BRncU1IEuE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
timing-allow-origin
*
link
<https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js>; rel="canonical"
cf-ray
8499f1f42d8ea241-YYZ
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame A300 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3814
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 17:40:17 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 17:40:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
userinfo.php
www.5esrd.com/accountproxy/ 		228 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/accountproxy/userinfo.php?site=www.5esrd.com&callback=jQuery1124019334300289304074_1705949030386&_=1705949030387
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
278069e8c32be6913a47d3f7d8eac059e3099d066c1f1e382a6f613f8c747515

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.5esrd.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:51 GMT
Content-Encoding
gzip
X-OGN-PHP
srdsites-accountproxy
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
announcement.php
www.5esrd.com/ajaxproxy/
Redirect Chain
  • https://www.5esrd.com/wp-admin/admin-ajax.php?action=ogn_getannouncement
  • https://www.5esrd.com/ajaxproxy/announcement.php?action=ogn_getannouncement
664 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5esrd.com/ajaxproxy/announcement.php?action=ogn_getannouncement
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
63c5424b56c8619866cf82c76998bca4dcfbb36acbb76b5ba8099c917c7b2b0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Mon, 22 Jan 2024 18:43:51 GMT
Content-Encoding
gzip
X-OGN-PHP
srdsites-ajaxproxy
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
maxage=3600
Connection
keep-alive
Expires
Mon, 22 Jan 2024 19:43:51 GMT

Redirect headers

Location
https://www.5esrd.com/ajaxproxy/announcement.php?action=ogn_getannouncement
Date
Mon, 22 Jan 2024 18:43:51 GMT
X-OGN-PHP
srdsites
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html
collect
www.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YS1HY85X30&gtm=45je41h0v9101488568&_p=1705949030903&gcd=11l1l1l1l1&dma=0&cid=1616036504.1705949031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705949031&sct=1&seg=0&dl=https%3A%2F%2Fwww.5esrd.com%2F&dt=5th%20Edition%20SRD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2400
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YS1HY85X30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ognbar.min.css
account.opengamingnetwork.com/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.opengamingnetwork.com/css/ognbar.min.css
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2c31431957bd7f8b6934cd2c5bace03445552bba8fa9bd5e99e29dae1dc0fac3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
Last-Modified
Wed, 22 Mar 2023 13:11:37 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"641afe89-414"
Content-Type
text/css
Cache-Control
max-age=120
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1044
ognsites
account.opengamingnetwork.com/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.opengamingnetwork.com/api/ognsites
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.164.217.55 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
srdserver.opengamingnetwork.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d945b38d1109e82dad3088ce7465a573635e411fcf7d72b105aaede031feab60
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.d20pfsrd.com *.opengamingnetwork.com *.5esrd.com *.35srd.com *.d20herosrd.com *.d20swsrd.com *.dungeonworldsrd.com *.starfindersrd.com *.starjammersrd.com *.traveller-srd.com *.d20modernpf.com *.4csrd.com *.nitropay.com ; frame-ancestors 'self' *.d20pfsrd.com *.opengamingnetwork.com *.5esrd.com *.35srd.com *.d20herosrd.com *.d20swsrd.com *.dungeonworldsrd.com *.starfindersrd.com *.starjammersrd.com *.traveller-srd.com *.d20modernpf.com *.4csrd.com *.nitropay.com ;

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:51 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' *.d20pfsrd.com *.opengamingnetwork.com *.5esrd.com *.35srd.com *.d20herosrd.com *.d20swsrd.com *.dungeonworldsrd.com *.starfindersrd.com *.starjammersrd.com *.traveller-srd.com *.d20modernpf.com *.4csrd.com *.nitropay.com ; frame-ancestors 'self' *.d20pfsrd.com *.opengamingnetwork.com *.5esrd.com *.35srd.com *.d20herosrd.com *.d20swsrd.com *.dungeonworldsrd.com *.starfindersrd.com *.starjammersrd.com *.traveller-srd.com *.d20modernpf.com *.4csrd.com *.nitropay.com ;
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-OGN-CONFIG
account
Expires
Thu, 19 Nov 1981 08:52:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=299512
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1dcf24c5833050db57433b59471a450ae121f47e044e646fdb7684072de6d9

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNUm4o%2F6OHHj4F9vE40vfgBev0dujfy8OZ2zhH6%2BshGBcn1oo%2Be35sJBmLHmdcgtCM91mpCzWQYzQjdcT71rK6carde1oS6GdglYl74i1ibzBulLhemXz%2FBaPZfv6Hx5J8zorGTw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8499f1e9bfa636da-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
64ad08781b504dd7d06be9f7
prebid.cootlogix.com/prebid/multi/ 		0
816 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/64ad08781b504dd7d06be9f7
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.160.239 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:52 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
bid
ap.lijit.com/rtb/ 		25 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
33bea4ef0932733163e7d94500347fec6c92b4249999a2b2d2149140132e7820

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 22 Jan 2024 18:43:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.5esrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ 		0
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		140 B
698 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a3f7cc1e5979d74387e0fe9a1cab7a59c5141eb260b26f4b74789ba1101fe387
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
an-x-request-uuid
4e804149-21aa-4d62-b5b5-06449d09d3b6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=28862430049&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
770 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
47de60f4759ef636f01760a42a7b187cc02c407d21410fa1811337f550d8a8eb

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:52 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:51 GMT
auction
tlx.3lift.com/header/ 		19 B
819 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.5esrd.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
accept-ch
sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
trinity.json
apex.go.sonobi.com/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a985e8b917877fb32fd337d39e7632e93d9c78a2f540acc777898607a88afe54

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:52 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		194 B
681 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
65bbe66aeafba11593573bdee6f73975efa7e357c23956f596480d503121877c

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:52 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 Jan 2024 18:43:53 GMT
102
t.nit.ro/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/i/102?d=eyJhZFVuaXRDb2RlIjoibml0cm9wYXktNWVzcmQtbGVmdC1sb3dlciIsImJpZGRlciI6ImJsYW5rIiwiaGVpZ2h0IjowLCJ3aWR0aCI6MCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vd3d3LjVlc3JkLmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiMDE4ZDMyN2MtNjkyZi03MDAwLTg0NjQtYTVkZDViNDVhZjg0IiwidGltZVRvUmVzcG9uZCI6MCwiYyI6IkNBIiwiciI6IlFDIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInJlZnJlc2giOmZhbHNlLCJ0aW1lc3RhbXAiOjE3MDU5NDkwMzE5Mzh9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
b838050e4358853e4fb3722e355cf09e
date
Mon, 22 Jan 2024 18:43:51 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
bid
ap.lijit.com/rtb/ 		25 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
d2e4d8ec9342ec72ee637b75d2de575393b98ad44139feedac1d66144f579786

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 22 Jan 2024 18:43:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.5esrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
prebid.media.net/rtb/ 		1 KB
795 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
f884bcdc85f67771def8e45c20a55ddb0587204f3d62403dcd5846b5c7bbf456

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:51 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
153
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:52 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
318 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=299511
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f325dea70d549641f861837cd2f731691f3190266e182b16a65e1e8a010e23a

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAdDRAxMqUixdkgYMpyhJhOPI2RcvrEBsrm5dHYC8%2FvQplWcVdaHLuhDBN3tw4utIhrOcMlZye2U0SN5%2F7jeHjQO5vntyIi3RW%2FAcL%2BYqm%2BlOqZfDypgtzJysYb2voX%2BMfvwSFjc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8499f1ea086736da-YYZ
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
v1
btlr.sharethrough.com/universal/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
colossusssp.com/ 		2 B
137 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:52 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ea16ede63fb4be507a3a5ece76f4e87bfa0e4967ab0be4109af4fd960ae7747b

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:52 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a8a4b3ba55506c8bf9258491141d74403219b93e58e893be712b486615c271a3

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:52 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
trinity.json
apex.go.sonobi.com/ 		0
0
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=41962419498&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		252 B
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b828f0c8c58549d4ce0204ffeab54cc4c747467fada7e3313276c8572482307
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:52 GMT
an-x-request-uuid
c71fa0df-8cf7-4313-8aef-bd6e844b7984
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.5esrd.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:52 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
12, 12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		194 B
681 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
22d5657656b5232f40d005f520f54672d4dee9add51db693d71fb7d5e94b0cc4

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:52 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
64ad08781b504dd7d06be9f7
prebid.cootlogix.com/prebid/multi/ 		0
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/64ad08781b504dd7d06be9f7
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.160.239 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:52 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
102
t.nit.ro/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/i/102?d=eyJhZFVuaXRDb2RlIjoibml0cm9wYXktNWVzcmQtbGVmdC11cHBlciIsImJpZGRlciI6ImJsYW5rIiwiaGVpZ2h0IjowLCJ3aWR0aCI6MCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vd3d3LjVlc3JkLmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiMDE4ZDMyN2MtNjk2My03MDAwLTkyMmItYzY2ZTJhYTYxMmU4IiwidGltZVRvUmVzcG9uZCI6MCwiYyI6IkNBIiwiciI6IlFDIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInJlZnJlc2giOmZhbHNlLCJ0aW1lc3RhbXAiOjE3MDU5NDkwMzE5ODR9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
b9bbb9f36ab605030f9df3e5bab3a57c
date
Mon, 22 Jan 2024 18:43:52 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 Jan 2024 18:43:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1549837
x-guploader-uploadid
ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1l2YW%2Bh3tazcnzGnmShkOCDt7gzOc7EJwMxNdYIGg34%2BmkdBV95czr1Boc3hOlyXWpb47U5t3GB0WABmqMvAUHol3c23U%2BNBSF17H4NoPFuRdtlWsCR%2FO4mu7tuHgOMV%2FTgWxsyWCZSPq4cag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8499f1fc592f5443-YYZ
expires
Thu, 04 Jan 2024 20:16:49 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 10:59:35 GMT
px.gif
ad-delivery.net/ 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8019063946106977
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1549837
x-guploader-uploadid
ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZCuETn0F3wGL1YIkKhz%2Fppr6711QNy6IjsFHzRIE%2F4qCc7IQAiAD5f%2FKtpJEbPZRroNhuqYJB%2BfmfNtBmn0jqGj0JvXZBG%2FOpDQV2ACrVLjgdH%2BajaQ2g09CrebLsqw7CfR5TKR%2BP%2F3%2Bm7wnA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8499f1fc59315443-YYZ
expires
Thu, 04 Jan 2024 20:16:49 GMT
additional-consent-providers.csv
consent.nitrocnct.com/ 		116 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-1a69fb4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
448178
x-guploader-uploadid
ABPtcPqcEXt9Nr8sbFt0n_72jM3ghlSd4NpDWJ9KJTVpX51-tMOStyB-dtdM0UF3QZ8KAveluRs
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
server
cloudflare
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary
Accept-Encoding
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation
1689147090287559
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiBa6kmV%2BLKlUF4KrC2p9tuI3oB0vcTD9JsIDbq9G5tuIYGQSLK6tH5F39KlsE0fUb5LZqLYUDHdPgn7fLJg7Q6rYq%2FgdscpbMqaa6Q%2BAz%2BJx%2Bli%2BslPyJdBlsU2mQG0eyIC51w%2FTPbsmPAQC%2BH618qwFxI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
119221
cf-ray
8499f1f55b933981-YYZ
expires
Wed, 24 Jan 2024 14:14:15 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9faf92d5031707ade900a893ce95d561540cf4e8df13ccecfe2ee9c63dde01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:37:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
368
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137892
x-xss-protection
0
server
cafe
etag
15922169668158481824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 Jan 2025 18:37:46 GMT
playlist
a.nitropay.com/v3/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v3/playlist
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.144.237.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.237.144.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
7e2857c736157ccc10656d395441ce312ec0ae7144237ce967ecedd9f897e015

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 22 Jan 2024 18:43:53 GMT
via
1.1 google, 1.1 google
last-modified
Mon, 22 Jan 2024 18:43:53 GMT
server
Google Frontend
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
x-cloud-trace-context
898579f8561a83631c51883e162279ce
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2046
truncated
/ 		661 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e3de00694b79d67bd793fcdc2dc9af247f1d11f9937b7af212e7cba2d389e5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/ 		564 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-80.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
0462e5a5daa71ff136452120c7232ee415755a2453794df0b7fb189f4b39dd48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:31:47 GMT
via
1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
727
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
dZp2yS3AE1Jvbl8EDNMI1EG___u-pGJiTTT38xgHGuX1wajQnRWJaw==
config
c.amazon-adsystem.com/cdn/prod/ 		806 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.5esrd.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
Server /
Resource Hash
5d1f0a1ef5bc62ade3ee0ea9728e240aa2961afe24d39312d59694f01c6a6b82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:48:21 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
age
3331
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
806
x-amz-cf-id
wmO3NHSokdQoUHX7WCKrlGDNwug90FAeQLyRJxbwnBpIid9CgzTqnQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		223 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.5esrd.com%2F&pid=VswHhdwW8TPji&cb=0&ws=1600x1200&v=24.116.2102&t=1200&slots=%5B%7B%22sd%22%3A%22nitropay-5esrd-left-lower%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!nitropay.com%2C51%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
5faa25a12dc00015120e427e4e758c24da18d756aa627a9907aca3f0462f48f3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
SBTD3FMHY6XGGD5XR337
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
223
x-amz-cf-id
Oc_Q5cDbYl73e71WPwii-wWxmJiJRdLfAYPk_d6Up_7PESL8XDFotA==
bid
aax.amazon-adsystem.com/e/dtb/ 		223 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.5esrd.com%2F&pid=VswHhdwW8TPji&cb=1&ws=1600x1200&v=24.116.2102&t=1200&slots=%5B%7B%22sd%22%3A%22nitropay-5esrd-left-upper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!nitropay.com%2C51%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
44bb8ce390f40188c3677790c9ca78eadc0397c0ae1b0053b507425f340f3727
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
HJA7KTB8KT9320PCH1NA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
223
x-amz-cf-id
5zOhDR6Nz9-BcQaWdGRv62svi4FWob4Z_-s5XPZWeWaHccafAnIbcQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		735 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.5esrd.com%2F&pid=VswHhdwW8TPji&cb=2&ws=1600x1200&v=24.116.2102&t=1200&slots=%5B%7B%22sd%22%3A%22nitropay-5esrd-top%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!nitropay.com%2C51%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
cf708bae0b3a99e3a2b64241e3f3fb2b50dca4c3c4967218200700447939ee40
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
SE81E4QREPTV6RMRPXA5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
735
x-amz-cf-id
k6xqJgPy11_QRYrU5wDFA2DdAEb7tkXRl4BcN1X7N4qGUZXC2WhOHw==
bid
aax.amazon-adsystem.com/e/dtb/ 		223 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.5esrd.com%2F&pid=VswHhdwW8TPji&cb=3&ws=1600x1200&v=24.116.2102&t=1200&slots=%5B%7B%22sd%22%3A%22nitropay-5esrd-right-upper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!nitropay.com%2C51%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
a9b3279098cdbf929fabc4d47cb708aa49b18b1b741da36ce68b97c5508f61f4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
CJS5TT449BHYZVGQGKBH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
223
x-amz-cf-id
I8MnPRitCyYEm6SoGSoofDDZwaKiCm6fk8RbfrgKsTH8-eV6AucGsw==
bid
aax.amazon-adsystem.com/e/dtb/ 		223 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.5esrd.com%2F&pid=VswHhdwW8TPji&cb=4&ws=1600x1200&v=24.116.2102&t=1200&slots=%5B%7B%22sd%22%3A%22nitropay-5esrd-right-lower%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!nitropay.com%2C51%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
081cf6345ca702eb4b0c3889b85b6b0db97908547b73a3b5f476a34811e4ed4f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
690C5P2EQ61TWRFXE8XP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
223
x-amz-cf-id
3VqjnwoSlAjcTKeVF6xz5--sgPuo4aXVn66W8UP8wbLxBhLx_GmdZw==
bid
aax.amazon-adsystem.com/e/dtb/ 		742 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.5esrd.com%2F&pid=VswHhdwW8TPji&cb=5&ws=1600x1200&v=24.116.2102&t=1200&slots=%5B%7B%22sd%22%3A%22article-content-auto-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!nitropay.com%2C51%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
971788083e8b8084b04212dbb46e70e4e8b9c4b81491f184141a4cebdea18ba1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
3TWWB89NXNK195QJ8YM4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
742
x-amz-cf-id
dNu1pfoKXp3rt2MKMuaQ97dHYOsMcGmeSu3khtXWerFTNQESr7qfQw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:17:02 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
34013
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6vl-Jwzp611iyi8XkXudNAEdQ2C6ojoNI4oUTTEYE3nX-ItQPjTWIA==
produce
monorail-edge.shopifysvc.com/v1/ 		0
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.57.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
242.57.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
via
1.1 google
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
0a200dd8-ff97-4f57-9f44-cd908e035041
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
427110
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8499f1fca80fa1f8-YYZ
expires
Thu, 25 Jan 2024 18:43:55 GMT
manifest.mpd
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/manifest.mpd
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
b21ca8820092f25274b365f90f6e54f2434a3556e1bd930d3ede45849029489d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
cdn-edgestorageid
845
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
11/06/2023 23:39:39
cdn-pullzone
787688
content-length
3340
last-modified
Mon, 06 Nov 2023 23:26:57 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
719
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
application/dash+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8948db635f523da7ff7ece90c0ded558
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		253 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83050dcbb586aef632ab267b90d3a108fe6f7cb8c7ec80c010603b8b58025807

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		315 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d665d55cbf98b91edfa41f6bb5f3c97fe813c8cb4690522e2610cd78da67700

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
manifest.mpd
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		0
0
iu3
s.amazon-adsystem.com/ Frame 28FD
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
393 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f5742898563956eddab2c7d9c3568b0ef85ee3f4bf250e0bd6144cae1b9e2578
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
393
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 22 Jan 2024 18:43:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R7VM9HZW9KWJV8WYJNQM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 22 Jan 2024 18:43:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CNBH6BQ44B3PMSG17Y0W
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f62a4acbbff9aa8522dee2631be35333fdfc666f683019923e780ce677be7b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
fld0000000000.m4s
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		675 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
22ef4d1c10ffa6b9c6e743a2b6b8872bc25ba4680f139a02b36a828bef31320e

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-674

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
cdn-edgestorageid
1070
perma-cache
HIT
cdn-storageserver
NY-267
Content-Range
bytes 0-674/1641728
cdn-cachedat
01/03/2024 14:48:41
cdn-pullzone
787688
Content-Length
675
last-modified
Mon, 06 Nov 2023 23:26:57 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
695
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
002716ac1e932ac8fece26c8987dc6d9
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
d8b3c4314237df1c0c5b38474988a046954f4cd8bc5dffe46229aa3884867b0a

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-593

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
cdn-edgestorageid
718
perma-cache
HIT
cdn-storageserver
NY-268
Content-Range
bytes 0-593/412078
cdn-cachedat
01/03/2024 15:11:05
cdn-pullzone
787688
Content-Length
594
last-modified
Mon, 06 Nov 2023 23:26:57 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
703
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
audio/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
a1ada0c45e07730d841ad3d0f1280fb7
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
fld0000000000.m4s
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		141 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
0137fd5d5321eada7cd1375a537f0f39579ac3331854cae45dcc3cefb4ccc83f

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=675-144941

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
cdn-edgestorageid
1070
perma-cache
HIT
cdn-storageserver
NY-267
Content-Range
bytes 675-144941/1641728
cdn-cachedat
01/03/2024 14:48:41
cdn-pullzone
787688
Content-Length
144267
last-modified
Mon, 06 Nov 2023 23:26:57 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
695
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
57f2e46e02cb7a58d949713bdf1ce3b9
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4489326509005891&correlator=4241105959119088&eid=31079956%2C31079959%2C31080585%2C95320409%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&us_privacy=1---&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A22580876450%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705949034787&lmt=1705727388&adxs=216&adys=61&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.5esrd.com%2F&vis=1&psz=1393x90&msz=1378x90&fws=0&ohw=0&ga_vid=1616036504.1705949031&ga_sid=1705949035&ga_hid=940055136&ga_fc=true&dlt=1705949029832&idt=4912&prev_scp=ncpm%3D0.00%26refresh%3D30%26domain%3D5esrd.com%26hostname%3Dwww.5esrd.com%26contax%3D272%2C246&adks=1061454547&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55ead117a30943812f4c908cdb1e4bb0f28a05204571dcf685f093531bda6def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14808
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		606 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4489326509005891&correlator=48837918138943&eid=31079956%2C31079959%2C31080585%2C95320409%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&us_privacy=1---&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A22580876450%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705949034797&lmt=1705727388&adxs=1399&adys=242&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.5esrd.com%2F&vis=1&psz=160x600&msz=160x600&fws=4&ohw=160&ga_vid=1616036504.1705949031&ga_sid=1705949035&ga_hid=940055136&ga_fc=true&dlt=1705949029832&idt=4912&prev_scp=ncpm%3D0.00%26refresh%3D30%26domain%3D5esrd.com%26hostname%3Dwww.5esrd.com%26contax%3D272%2C246&adks=2139839144&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3313b2914d57463d0310f8a4f4a886e7d4a42fad071f128b8b41fb4e59c2081b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
268
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		91 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4489326509005891&correlator=4438692503728975&eid=31079956%2C31079959%2C31080585%2C95320409%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&us_privacy=1---&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A22580876450%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705949034801&lmt=1705727388&adxs=1399&adys=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.5esrd.com%2F&vis=1&psz=160x600&msz=160x600&fws=516&ohw=160&ga_vid=1616036504.1705949031&ga_sid=1705949035&ga_hid=940055136&ga_fc=true&dlt=1705949029832&idt=4912&prev_scp=ncpm%3D0.00%26refresh%3D30%26domain%3D5esrd.com%26hostname%3Dwww.5esrd.com%26contax%3D272%2C246&adks=1521766086&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29190ff7a2219a8ee64b599316f01317434887025a4ada3d70d894719afa2d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43224
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		109 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4489326509005891&correlator=2284170175567070&eid=31079956%2C31079959%2C31080585%2C95320409%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&us_privacy=1---&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A22580876450%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x50&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705949034804&lmt=1705727388&adxs=482&adys=1274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.5esrd.com%2F&vis=1&psz=300x250&msz=300x50&fws=516&ohw=1131&ga_vid=1616036504.1705949031&ga_sid=1705949035&ga_hid=940055136&ga_fc=true&dlt=1705949029832&idt=4912&prev_scp=ncpm%3D0.00%26refresh%3D120%26domain%3D5esrd.com%26hostname%3Dwww.5esrd.com%26contax%3D272%2C246&adks=2729395440&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8b62738dde1fdf8e80a8b03af8c35d90021aa4c9882735777090d5ee3e179c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45189
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF19 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Tue, 21 Jan 2025 18:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a0000000000.m4s
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
8b816cb4a6f82b4966260449a93e2be5011c1b0e02b08c57786d8ff96ebf0570

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=594-54205

Response headers

date
Mon, 22 Jan 2024 18:43:54 GMT
cdn-edgestorageid
718
perma-cache
HIT
cdn-storageserver
NY-268
Content-Range
bytes 594-54205/412078
cdn-cachedat
01/03/2024 15:11:05
cdn-pullzone
787688
Content-Length
53612
last-modified
Mon, 06 Nov 2023 23:26:57 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
703
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
audio/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
33ad2099d4296fe51dd712351a237859
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
rid
match.adsrvr.org/track/ 		109 B
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
878a737eb274ccfb9c0945824dc354469cc09f976e70f21f44cf5581c8b81603

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.5esrd.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 21 Feb 2024 18:43:55 GMT
pr
s.amazon-adsystem.com/v3/ Frame A917 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d96c2f98e6e40fb290f3518e59412574cd7e08979c1b402440463eb504ea5c26
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3774
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 22 Jan 2024 18:43:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
95J33725ENBWV43MV8YP
fld0000000000.m4s
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		313 KB
314 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
220d44f45c176fedb1ed0ea9dc8d68d13c63d01558a0448e312af2c85efd00e3

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=144942-465218

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
cdn-edgestorageid
1070
perma-cache
HIT
cdn-storageserver
NY-267
Content-Range
bytes 144942-465218/1641728
cdn-cachedat
01/03/2024 14:48:41
cdn-pullzone
787688
Content-Length
320277
last-modified
Mon, 06 Nov 2023 23:26:57 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
695
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
1dcfbb37e64a10583f6f8dad882b86cc
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ecm3
s.amazon-adsystem.com/ Frame A917
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=58fbe5a9-b66f-4901-b450-6160664523f2
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=58fbe5a9-b66f-4901-b450-6160664523f2
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T86A59ND3SYX5WZ11ARP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=58fbe5a9-b66f-4901-b450-6160664523f2
date
Mon, 22 Jan 2024 18:43:55 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame A917
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3489506357034093000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3489506357034093000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MM955HPC933DJNB1CWYH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3489506357034093000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 22 Jan 2024 18:43:55 GMT
ecm3
s.amazon-adsystem.com/ Frame A917
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AABf_k7LXW8AABMaNAEM6g&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AABf_k7LXW8AABMaNAEM6g&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BCS9KZ5ZK73PN8GY79ZV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AABf_k7LXW8AABMaNAEM6g&ex=beeswax.com
Date
Mon, 22 Jan 2024 18:43:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame A917
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=3F66180D3274469DA5E9643B9D81CE1D&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=3F66180D3274469DA5E9643B9D81CE1D&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N3FHXGVBZ6YHSM8FED0R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 22 Jan 2024 18:43:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=3F66180D3274469DA5E9643B9D81CE1D&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 Jan 2024 18:43:55 GMT
ecm3
s.amazon-adsystem.com/ Frame A917
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e6ff8e94f26kp8a00lrpa0c71
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e6ff8e94f26kp8a00lrpa0c71
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H4685M75YPKXXDSNPJE2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 22 Jan 2024 18:43:55 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e6ff8e94f26kp8a00lrpa0c71
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame A917
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=R6szywjTxz4ISx9CzGYb
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=R6szywjTxz4ISx9CzGYb
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2KAATDW9F9F975QNEYED
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=R6szywjTxz4ISx9CzGYb
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C059
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16d63b8f092de9e01e964c18209243df0092cff254cb533264bef724ae0689c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8499f1fdfabba241-YYZ
content-encoding
br
content-type
text/html
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aU%2BQbqxRju7MFTP7mA6zGsTG0Fu%2FXMwr%2Bv%2B93lw4Y%2FfdwZWCWOoWux9MfR1vfh9gSix7%2Bn1HY3RqSpFE3Lrdq5FIFaJcEOAnV%2FOrpE8RXZscy0YWPPkZ9CHZcgEfoyIm1uzvynCl9YBUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8499f1fd495436da-YYZ
content-length
0
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfJYnWGcOk%2FWTP6P2voPgE6O4rAUEdCHenELSwknRCHAGWduEHCFskRN%2B1A0g0ZpKHQKsF02fyMBm7JbISNUpE4cO2pZIpdsDbQNANqzV3F6jZ%2B3hd8Sd3Sx2bk%2BB0s2wOjDuW8chChWbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
uc.html
sync.go.sonobi.com/ Frame A781 		0
0
cm
u.openx.net/w/1.0/ Frame 4BC8
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
802 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2719c149ed1b28cce6d87b2edebb10026164e1759720db03ea76e131b34512bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
460
content-type
text/html
date
Mon, 22 Jan 2024 18:43:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 18:43:55 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame B8ED
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 Jan 2024 18:43:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QDAVPAAX9VSGH7VGASFN

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame BE68 		646 B
831 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.32.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-32-60.compute-1.amazonaws.com
Software
/
Resource Hash
1c1ba3b2024845feed6b7820733d0af687dda5ba6bfba8c2bc75a0c8018fc626

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
646
date
Mon, 22 Jan 2024 18:43:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 13CC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122551
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Wed, 24 Jan 2024 04:46:26 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 64AF
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
521bbdb45dff374d52d9ba55e7e058915e3d925959d33f9b3bd9c31effa666ce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6658dc8946-t7xjm
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6658dc8946-t7xjm
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame F6C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=5264239699130614520&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5264239699130614520&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 Jan 2024 18:43:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0Q6RSJZ2R8KNDCWGJH45

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
2b14af59-aaa9-4de1-9602-77535045e893
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=5264239699130614520&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 156C
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
559c10a18484c580ce28fa0c6ef3b808ec01af16fbf3b846b3ef45bec8705b97

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
510
Content-Type
text/html
Date
Mon, 22 Jan 2024 18:43:55 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
ecm3
s.amazon-adsystem.com/ Frame 7561
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1331579128763342695977
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1331579128763342695977
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 Jan 2024 18:43:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0SRY0EN5VT7E11R2CD7M

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 22 Jan 2024 18:43:55 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1331579128763342695977
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 Jan 2024 18:43:55 GMT
a0000000000.m4s
nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/ 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
a8772d530443a16e246c5c24979c536e33d41c1f0e12f4e1144a48190d841c41

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=54206-107157

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
cdn-edgestorageid
718
perma-cache
HIT
cdn-storageserver
NY-268
Content-Range
bytes 54206-107157/412078
cdn-cachedat
01/03/2024 15:11:05
cdn-pullzone
787688
Content-Length
52952
last-modified
Mon, 06 Nov 2023 23:26:57 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
703
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
audio/mp4
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
c97102e1b393e03fd321a625f6a1e918
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
prebid
prebid.media.net/rtb/ 		1 KB
734 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ee3f582e98dd2d07c9b0da18697fe6a29984354c48e8ad5c4ea5d51a8f82c6ce

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 18:43:55 GMT
v1
btlr.sharethrough.com/universal/ 		0
37 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:54 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
fd3b428fbbdee0b29ab06528774db760883daed342b0ea16f9a60e315d048c69

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
trinity.json
apex.go.sonobi.com/ 		0
0
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=139&profileId=185&av=36&wv=8.16.0&cb=98834249914
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
819 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.5esrd.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
accept-ch
user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.5esrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
699dbb2e5e72102daae5ed65405810601f6df82c221c2b9a39d5e0b5d2a3b615
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
an-x-request-uuid
29140f2d-47ef-4807-af48-c12266dfbab4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.5esrd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		223 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.5esrd.com%2F&pid=VswHhdwW8TPji&cb=6&ws=1600x1200&v=24.116.2102&t=1200&slots=%5B%7B%22id%22%3A%22instream%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!nitropay.com%2C51%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
24a78517ae6a454ffaf2b26315ea2a1383d893694a28abf6ed2a4a1921b03bed
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
D6TM6M3NY3NV5G3V40QE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.5esrd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
223
x-amz-cf-id
Htjid9QRXtSeu2t2_CpJSJpOln2LfdSPy-epRrK-_-g3pP7wuKZgxA==
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=TW1Hao37l&w=4822972266184704&o=6278260873756672&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.5esrd.com%2F&sid=X1sZqntSx&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 Jan 2024 18:43:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
container.html
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B55F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Tue, 21 Jan 2025 18:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
102
t.nit.ro/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/i/102?d=eyJhZFVuaXRDb2RlIjoibml0cm9wYXktNWVzcmQtdG9wIiwiYmlkZGVyIjoiYWR4IiwiaGVpZ2h0Ijo5MCwid2lkdGgiOjk3MCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vd3d3LjVlc3JkLmNvbS8iLCJ0aW1lVG9SZXNwb25kIjo0MjAsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMThkMzI3Yy02OTgxLTcwMDAtYmQyMy0xOTg1NzczM2NkNzMiLCJjIjoiQ0EiLCJyIjoiUUMiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcwNTk0OTAzNTE4MH0%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
5962f92fe8d7cb47e2227f575c4a26fa
date
Mon, 22 Jan 2024 18:43:55 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
n.svg
s.nitropay.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/n.svg
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
510
x-guploader-uploadid
ABPtcPoyVA9QOVsH9GOwwbnIMb_0JSPRp0auuc_HskVynk-5PXADHSEydNiw1PW-D_uu1K6I7JY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Oct 2022 06:19:07 GMT
server
cloudflare
etag
W/"47ce57ca1cac5f9545f1e2fb9c6bd90d"
vary
Accept-Encoding
x-goog-hash
crc32c=Tm86FQ==, md5=R85XyhysX5VF8eL7nGvZDQ==
x-goog-generation
1664950747723912
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1437
cf-ray
8499f2002aac5497-YYZ
expires
Mon, 22 Jan 2024 19:35:25 GMT
26a0.svg
s.w.org/images/core/emoji/11/svg/ 		548 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/11/svg/26a0.svg
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
03382ac2fd7fe0d58ae2f81964b332bd34dfc9cc5145a10e61cb5e776aef5e2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 08 Jun 2018 13:09:43 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
container.html
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD6C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Tue, 21 Jan 2025 18:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
102
t.nit.ro/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/i/102?d=eyJhZFVuaXRDb2RlIjoibml0cm9wYXktNWVzcmQtcmlnaHQtbG93ZXIiLCJiaWRkZXIiOiJhZHgiLCJoZWlnaHQiOjYwMCwid2lkdGgiOjE2MCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vd3d3LjVlc3JkLmNvbS8iLCJ0aW1lVG9SZXNwb25kIjo0NTQsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMThkMzI3Yy02OWYxLTcwMDAtOTI1OC1lODIyNWU2ZjRlYTkiLCJjIjoiQ0EiLCJyIjoiUUMiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcwNTk0OTAzNTIxN30%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
bf5be9bcae29504cc1458c0fe67eba99
date
Mon, 22 Jan 2024 18:43:55 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
102
t.nit.ro/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/i/102?d=eyJhZFVuaXRDb2RlIjoibml0cm9wYXktNWVzcmQtcmlnaHQtdXBwZXIiLCJiaWRkZXIiOiJibGFuayIsImhlaWdodCI6MCwid2lkdGgiOjAsImNwbSI6MCwiY3JlYXRpdmVJZCI6IiIsImhyZWYiOiJodHRwczovL3d3dy41ZXNyZC5jb20vIiwiYWNjZXB0YWJsZSI6ZmFsc2UsInJlcXVlc3RJZCI6IjAxOGQzMjdjLTY5ZDEtNzAwMC1iYzdiLTUwYmY0YzkzNjE4MiIsInRpbWVUb1Jlc3BvbmQiOjAsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzA1OTQ5MDM1MjYwfQ%3D%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
770d66f2ac649b8aec0bfe4e582a4b44
date
Mon, 22 Jan 2024 18:43:55 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
crum
dsum-sec.casalemedia.com/ Frame C059
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za63a9ER0Ln7WCxCRQYqhAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkT0WIiY4r6hLemPGL7sJ8&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkT0WIiY4r6hLemPGL7sJ8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00Lw0nq5KBXlxlr4mHXrNus6jxxhEsDiAsvcQ65jhQgL%2BI1%2BUOX3P%2BLNNv3epuUos8aE%2FU7lAgsbDn1fpsaSqG62oBsUGBemNhfC3WEtsevk0fChcJaD2tB%2BDCxy%2BDYSFsb5xwdpIG2sLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f201ba6ca241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAkT0WIiY4r6hLemPGL7sJ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C059
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za63a9ER0Ln7WCxCRQYqhAAADjkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkr_l2KenQmLm1Tm0kcPZU&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkr_l2KenQmLm1Tm0kcPZU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOMDW5mTZPkhdMh%2FJsPiXsu9DDfhW0ur%2FOHZPbKNtoHp1YaFRLSMim2OJTU6abzYamUaU7f2LjXuQFhWWLB4Q6MUHR25Fu31XRZA03d3ov%2Fs2LDCjIN%2BkTuBHCXQs13YTHGPALs9Ft9lCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f201daa7a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkr_l2KenQmLm1Tm0kcPZU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2364.gif
p.alcmpn.com/em/173/117/ Frame C059
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za63a9ER0Ln7WCxCRQYqhAAA%263641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za63a9ER0Ln7WCxCRQYqhAAA%263641&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=39bf75f78b784646be336af46269396b
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=c371f3a46a0cf80ccb6bb53ce85259a1&lc_sha1=15d4ef2a428572900a9e39a893452a3378ab164e&lc_sha256=28fbaf00ae5a4767a5f448a07706ed924ac4c72e12adc...
  • https://p.alcmpn.com/em/173/117/2364.gif?gid=c371f3a46a0cf80ccb6bb53ce85259a1&eid=28fbaf00ae5a4767a5f448a07706ed924ac4c72e12adcf8eddc3dd7319f80d7a
64 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alcmpn.com/em/173/117/2364.gif?gid=c371f3a46a0cf80ccb6bb53ce85259a1&eid=28fbaf00ae5a4767a5f448a07706ed924ac4c72e12adcf8eddc3dd7319f80d7a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
35.226.42.89 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.42.226.35.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000;
server
nginx
x-powered-by
Express
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
server
awselb/2.0
content-type
image/gif
location
https://p.alcmpn.com/em/173/117/2364.gif?gid=c371f3a46a0cf80ccb6bb53ce85259a1&eid=28fbaf00ae5a4767a5f448a07706ed924ac4c72e12adcf8eddc3dd7319f80d7a
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C059 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za63a9ER0Ln7WCxCRQYqhAAADjkAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QDNHAXDTAEXVP5BEKX50
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C059
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721673835&external_user_id=0bb679ad-da5b-422b-904c-81bc7a215aaf
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721673835&external_user_id=0bb679ad-da5b-422b-904c-81bc7a215aaf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeE0h%2F%2Bz8VlMe4NZpqtGw%2B4KqdRzhsInAjNER8Zjr24K8TyC4fFe6il110Kisk5IhHNpkpI4gPbPwX6eO7aLSLeehVuKxTzIXCu%2Fzjb5%2BsYA0A4e3SJc5E88I7Ucw1Da3Ij%2BKBQVC0xbPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f2021b38a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 22 Jan 2024 18:43:55 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721673835&external_user_id=0bb679ad-da5b-422b-904c-81bc7a215aaf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum.casalemedia.com/ Frame C059
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d414e492-7044-4560-a63c-3de6bd8268d4
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d414e492-7044-4560-a63c-3de6bd8268d4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrtasQuibCme5LIK%2FuTLcgcicDvMy2pUFE6kwGUab0BCmzQxlldPr7p27WoIZXKn2Sw3OG6%2B1qWVES2RgPCqUrb68Yds%2F6KFhUgVglp2TsKdDnD96%2FQGuYmF6%2FBVNZxZW8vo1h9z"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f202bd5f36da-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 22 Jan 2024 18:43:16 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d414e492-7044-4560-a63c-3de6bd8268d4
cache-control
private,no-cache
content-length
222
expires
-1
crum
dsum-sec.casalemedia.com/ Frame C059
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=324ac73e-b956-11ee-b644-b7871f57e117
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=324ac73e-b956-11ee-b644-b7871f57e117
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdGXmjYr2LH03Qb%2Fp9I%2FQZ1wofFb30o1xUOm7%2BDEruaZsIsdIkQiFpx%2F01obNVZ36%2Bvar%2Bcx6ZBmnSEOQM7ScjRQZ6HyjmzN3Ttf2LRTwjmZ944C%2FOkRxNNoSjvEZ5zWsLU9SA7MH5Miew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f202bc77a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=324ac73e-b956-11ee-b644-b7871f57e117
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-2
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
CookieIndex
rtb.adentifi.com/ Frame C059 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.132.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-132-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
ecm3
s.amazon-adsystem.com/ Frame C059 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Za63a9ER0Ln7WCxCRQYqhAAADjkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0PX4N5HFEZ8E95MK8RNR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.5esrd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.5esrd.com
date
Mon, 22 Jan 2024 18:43:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
container.html
4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD5D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Tue, 21 Jan 2025 18:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
102
t.nit.ro/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/i/102?d=eyJhZFVuaXRDb2RlIjoiYXJ0aWNsZS1jb250ZW50LWF1dG8tMSIsImJpZGRlciI6ImFkeCIsImhlaWdodCI6MjUwLCJ3aWR0aCI6MzAwLCJjcG0iOjAsImNyZWF0aXZlSWQiOiIiLCJocmVmIjoiaHR0cHM6Ly93d3cuNWVzcmQuY29tLyIsInRpbWVUb1Jlc3BvbmQiOjYyMiwiYWNjZXB0YWJsZSI6ZmFsc2UsInJlcXVlc3RJZCI6IjAxOGQzMjdjLTZjN2ItNzAwMC04NzEyLTBiNjlhMzE2ZTYxNCIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzA1OTQ5MDM1Mzg1fQ%3D%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
80bba78ec71d72455b31b49e162601ad
date
Mon, 22 Jan 2024 18:43:55 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
afr.php
ads.us.criteo.com/delivery/r/ Frame 8AA7 		135 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
407b333d3696b6ec2fa8b618c6fd57c3efc72e7243d05a387c3b0397cde0f9e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=JZr9d97_mcEDBESESo3Q3o7bMeZ2vDVkY-A2dblRgq-SWOUkuOtch9wKTWK-OT-cT9cUhTsVHuo8bkOypoR5gli1DsookdRZClynqq4M08RC837dEm8f5IVpbHNqWTVw48M8hbv39Gi91K-K6nNP8fcEktjz0yI9gOZGDl9BPfYxRi1Z6ZqErXAnufmdtReLbQmGKgEXqylY9vDYoyXxVYspgKbyiLm7KUTapDicRy_vsDkWr5hxcKqzBCO0eUi1l06WAA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
75913480
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B55F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
18542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 13:34:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B55F 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
18731
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 13:31:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B55F 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 00:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
65057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Jan 2025 00:39:38 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B55F 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 18:43:55 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 881B 		624 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjs7duDAjAB&v=APEucNXnK4V8xEG0qVZrDxB0su2m99UQSUOs9PLV0Ed2m2JnJdg0cMDctvHEHFyiM-v95fEjaRtyS1cSvurGPaYS6kOQ2Z1Vuw
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Mon, 22 Jan 2024 18:43:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame DD6C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:30:30 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame DD6C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:54:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
31781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:54:14 GMT
view
ad.doubleclick.net/pcs/ Frame DD6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsviRBU0F0DYzPuZUfYXeyWjXNZh1hD1xT_Reyk1SIjwjqHlSxitCP5RgDRwQD7GWu4HfJdiufzkZnTGqLoFPl73k3aFxRNRy7p8gNG_rE87vqxjVC_dfBDjujHGEcOFjZCfQCZjIDvd4ADaoMfvRAkH5f496_nZzmLgQlHWKVXOdpHiygdly8RN_OQLt2HRjHICe3lz3VUBDnyfYO9iiXZfkGPqNvXL7syVnrFuF3XPxwobnVlHo1GV9Hv6T5pnFi2D14xSvOwRl-3NAJdDXVNWrQQdEsquOO-alxkgjuthmBrYEWrhDX7jiyxOxZvcqSvQLhUEQpmTih7AHyytbNhVlVHw7653fZg5fnlFhCAZ1hyQxalH-bwAbvPh0q0MrAMZjhxM5vQ_ILdRyprF4LGAFtUpb_GwAWjPkXPVvL4mN3XrlSX1P03SKNCr8jHYsJQfW4mGKh80IDiFb5117Z8Urf-D-IRTT41Fl9jijgShbPEov6gRVEtEmiFdoijFs-Np5frhAQVuVhSm8sGe_xQFfu7DM3igL__hg_1jjOQt3JawY7R0b6e3FbNhNuhgHXuoVpFsNtWkjhIE5IxHBzp70Nc2ZE81EqPsjvmNB1kxQNwnwxV42G-oZ5TT4ZWvjlXGjElhyupVlSJsh1Lmgs0TNBQJixHNjwnYqRr6avHgYXj_UA9golR1At1p75ksjxTtO35CNtbjbqPnCXTrF5XElILUru4HJEQilNIE4ZM7GtpaBod1SQ1HEoH_or3H4QEignJ3VTZNkSueH61Lc-Z6UQPaLZm1KniuxYH5NKP9ADbCtfbxMUsMd7R82AEnaeW0xHGUxtAz5sceTgEGINoE1ei5imkZhmwN1BNTwDL6Txklg9MpBpsiIIQ0v5gHj1ZrqYQMRE4PARHu5Aw780sXcxvm47fkPKjkOEMukIBKmWtcP2uzdvx9WWCkpWF4jY9wcvPjQJsc2TtPcxZW-T946ezu6-mlFBJWKTwczMIsI73evYnAi-UAoh2c6c9dExlNuHSOkXH1o_oucelv_eVOmj0XwgqBPVdUrPjxSNuoNAoTjyfAOSkH7cMobRrD2v0LesI0Le0xjXS32KWnwsd7fyRUoOTTX1GXNv_mKRTU2C4dQL0aAZ4CdbYOcDaWii9UBezOr1lsGlUmMxkJ3fK2mCcqpVapY7z5DO7OrrvAyqnaRc3yormjiYkjBfv3Q7s9H2oCIOZn6DCsK_JAqWefvXJvjmAT0MzBTarLHo2wbGtDrYN06EfYUei4Ln_cc5B-ebXbglk1iQoP0Avqqnd4VgYKr5J1Yvn47BK2vw8oJBOLFhLUaA4fhj9L1ZOgqJ6-ZhIVtJa5e6bBujMOnOAlVtRhZUxh5eVbOW9YdO9-HVyoqDMtkRhYobAqn-st5-I0bKEm21p-Pzg&sai=AMfl-YQrTo9C78Y939Os7NbM_qae5WUt7YOeSJVBRHoYe-TFlCDe-qSALeSQb4TV6NX3MCU3Go7aMvKg9-R3aewRGDxqLI6VDUzUUHc7kSzzG6K8GbOlx1avy0dD6lhxzpNHT2kkSJXRH0no-sGY_7A8ajUNlSpD4mY8j5ztABvxpxWDgIILZoCKusnsPjcF0m1LVN570ADjf1enYxxcVK0cZd8Q16k2mlhCSHyt_tw8OkmGCNJp_yIrz6dWBklUq53i-EFv1qU9UU6iT9xSCpTA8MIy7P8he5FHCxKJ9RvDQsbh-csxbgSKRM_T-tGkQ1JRWsUXbxuC_laM_BRjv43X4bRuuQOOwbmgT919ZqTnywPKOInhXrHUpIQySxishfpAySX-C3IpW7vcEzjwOTB3LnhqyqGW_x60sOQHLS4T9xpFtl5m69iloEJ_kW5Az9tCAtn622-RPEYFnsvEpr2VBNeIK4MzbJMmf-4vxqv4H1gMaasTuusMO8grdbKNvHUlImVJDA&sig=Cg0ArKJSzPBfmfpyXRc2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNh&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20240118.87745&arae=0&ftch=1&adurl=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 18:43:55 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 Jan 2024 18:43:55 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DD6C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:18:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
278710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:18:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame DD6C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
18542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 13:34:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame DD6C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
18731
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 13:31:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD6C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CG01TLUJYOA9QbFEnA-fp11S9d038qf9WtFjck_OYTPfGCeBLCSUDaKdm9L9sE7UM8MWK-0d96NAHaw4ATMpqaGEaVO2AEeKnKV71jYE3VVtfclNk
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DD6C 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 18:43:55 GMT
2406353139782789742
s0.2mdn.net/simgad/ Frame DD6C 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2406353139782789742
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
72c386b49bd444594d4a32146811b03bca7bb0fd6a0e114458da3ae6594b6c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:42:32 GMT
date
Fri, 19 Jan 2024 13:42:32 GMT
x-content-type-options
nosniff
age
277283
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100146
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:08:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pixel
googleads.g.doubleclick.net/xbbe/ Frame 944B 		624 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjYzYP7ATAB&v=APEucNUHNwP5l3T0uL3EnjyeyZ39dKzj5Eq3FXYuyNo6-jmKZZljKI6UK2NDU-TldnTZ2eu2Qd2LaaDpGf8cmO2uvEPc7dHcWQ
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:43:55 GMT
expires
Mon, 22 Jan 2024 18:43:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame BD5D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
Origin
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 20:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 20:24:48 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame BD5D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:54:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
31781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:54:14 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame BD5D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:30:30 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BD5D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:18:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
278710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:18:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame BD5D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
18542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 13:34:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame BD5D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
18731
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 13:31:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD5D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Crn-31WNzmCeJmJRaItc0ApFubviARXbfUEa7gROXit5cQlt40yrFaF_JrEBaML079zxYds7B2Owqgf-2g2XUAcnVwC5HgssZCB53HeLJnjD_FOd8
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BD5D 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 18:43:55 GMT
rum
dsum-sec.casalemedia.com/ Frame 881B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5vsCtWSqCPe-6QiGVf9OI&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5vsCtWSqCPe-6QiGVf9OI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjs7duDAjAB&v=APEucNXnK4V8xEG0qVZrDxB0su2m99UQSUOs9PLV0Ed2m2JnJdg0cMDctvHEHFyiM-v95fEjaRtyS1cSvurGPaYS6kOQ2Z1Vuw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3jhOR1APcEn%2FI0hmH7NYVXHt6YPMsqWt9vR%2BqMdcgFcBs0e4wL4RqPeG4X6Um5IIV5apbEwGAHakApruksrpJYIg1Nm8kPz1OGTnl85Us8PrDTy3HO1prjPJidvxe8RUF3xnuEV4TOBTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f201ba69a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5vsCtWSqCPe-6QiGVf9OI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 881B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za63a9ER0Ln7WCxCRQYqhAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9QENpwqGhqogIXSootYac&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9QENpwqGhqogIXSootYac&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjs7duDAjAB&v=APEucNXnK4V8xEG0qVZrDxB0su2m99UQSUOs9PLV0Ed2m2JnJdg0cMDctvHEHFyiM-v95fEjaRtyS1cSvurGPaYS6kOQ2Z1Vuw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMAk5xfrfy3Jhbg%2FPQXcGD%2BC5C9OATeEgn5b8ukgyYUm3AHgqpYWJXW7Vz7tUyUnSVTfl8FwdUQXMiEunUS%2Fzef%2FXJ4VFfr4GBfHnlrEUzYwZAuxn4egTwOxUK5KaW3Qb1M%2FC0rmLZzulw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f2028c28a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9QENpwqGhqogIXSootYac&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 881B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGgXv6YGzeAxrpGWvIpiK00&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGgXv6YGzeAxrpGWvIpiK00&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjs7duDAjAB&v=APEucNXnK4V8xEG0qVZrDxB0su2m99UQSUOs9PLV0Ed2m2JnJdg0cMDctvHEHFyiM-v95fEjaRtyS1cSvurGPaYS6kOQ2Z1Vuw
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
an-x-request-uuid
6f0beb56-a491-490c-b88a-bca25258d0a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGgXv6YGzeAxrpGWvIpiK00&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 881B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjs7duDAjAB&v=APEucNXnK4V8xEG0qVZrDxB0su2m99UQSUOs9PLV0Ed2m2JnJdg0cMDctvHEHFyiM-v95fEjaRtyS1cSvurGPaYS6kOQ2Z1Vuw
Protocol
H2
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
an-x-request-uuid
5de22661-40b6-4d73-b9db-f08fa1b34074
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 13CC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73566943&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8738d35f416f7205dfa66b0dd2b3df8273288814a0566f6df60df57029d69520

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 22 Jan 2024 18:43:55 GMT
content-length
1736
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 156C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=ICQjjBZH78sk_TbMTt-2JdYJ&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P42R2G9PN4QBNFYHR2TD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 156C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=5264239699130614520&gdpr=0&gdpr_consent=
43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=5264239699130614520&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
an-x-request-uuid
a2c62405-9719-4601-9e38-eefbf1a99dd1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=5264239699130614520&gdpr=0&gdpr_consent=
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 156C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU70a0bce6039d4daca1e59f3959e90c3e&gdpr=0&gdpr_consent=&pid=103
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU70a0bce6039d4daca1e59f3959e90c3e&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU70a0bce6039d4daca1e59f3959e90c3e&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
de7ce10e57c2d3dc3202d108c71b2d20.gif
cs.krushmedia.com/ Frame 156C
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/universal/v1?supply_id=7yx5VOUe
  • https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
9 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
8.2.110.134 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Redirect headers

location
https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
date
Mon, 22 Jan 2024 18:43:56 GMT
content-length
0
merge
ce.lijit.com/ Frame 156C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1705949036022
  • https://ad.turn.com/r/cs?pid=45&rndcb=5540568046
  • https://sync.1rx.io/usersync/turn/4468107433271758181?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-82936826-9fe8-451e-b84d-303146b39ef7-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
date
Mon, 22 Jan 2024 18:43:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX829368269fe8451eb84d303146b39ef7005
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 156C
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SUNRampCWkg3OHNrX1RiTVR0LTJKZFlK&gdpr=0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SUNRampCWkg3OHNrX1RiTVR0LTJKZFlK&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 Jan 2024 18:43:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SUNRampCWkg3OHNrX1RiTVR0LTJKZFlK&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame BE68 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E9JV1P6C4X4CNSZNTEV5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame BE68
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.235.32.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-32-60.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
date
Mon, 22 Jan 2024 18:43:55 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame BE68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZDY2MzBlNGQtNGEyZC00NTI1LWEyY2UtMGI2ZGUxNDlmNmRm
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.235.32.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-32-60.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame BE68
Redirect Chain
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5264239699130614520
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5264239699130614520
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.235.32.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-32-60.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
an-x-request-uuid
e3fdb706-8dee-4ce9-b671-7e1ad71ffd50
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5264239699130614520
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame BE68
Redirect Chain
  • https://sync.1rx.io/usersync2/sharethrough
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1705949035998
  • https://ad.turn.com/r/cs?pid=45&rndcb=1781057330
  • https://sync.1rx.io/usersync/turn/4540165027309686117?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-82936826-9fe8-451e-b84d-303146b39ef7-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
date
Mon, 22 Jan 2024 18:43:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX829368269fe8451eb84d303146b39ef7005
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame 944B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN6rrXs0MZtW41hZcaLkaM&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN6rrXs0MZtW41hZcaLkaM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjYzYP7ATAB&v=APEucNUHNwP5l3T0uL3EnjyeyZ39dKzj5Eq3FXYuyNo6-jmKZZljKI6UK2NDU-TldnTZ2eu2Qd2LaaDpGf8cmO2uvEPc7dHcWQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODmM%2BeLBDNuRdpycZoeahelKw1rmXg7SeqaYoQHxnFfGJT4TtQVvLvMJtdgvjDexWh4wtggYCldvpkWS7MfD8DANjLIenHO35ktr9yLvLyBWsD7jl1%2Bv6YxrUXarYA0zbBL6bp211WoA7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f2021b3da241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN6rrXs0MZtW41hZcaLkaM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 944B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za63a9ER0Ln7WCxCRQYqhAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_-2cA_5ZGV1Lc9d85vkgA&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_-2cA_5ZGV1Lc9d85vkgA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjYzYP7ATAB&v=APEucNUHNwP5l3T0uL3EnjyeyZ39dKzj5Eq3FXYuyNo6-jmKZZljKI6UK2NDU-TldnTZ2eu2Qd2LaaDpGf8cmO2uvEPc7dHcWQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvI82fqLXUnhQP3dE9PPvuqu9iFY7SxfbiaMjjosqLax23zI3GncHKUTPiQYKc75C4oHIjaIDNmIIE1R8GC5YbuWO%2Fd%2B3L8qsm%2Fmun%2BkPawnws0ZUyZxEhoIMSsakYsHwC34K7UJrHskJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8499f2030d56a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO_-2cA_5ZGV1Lc9d85vkgA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 944B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDlk9LmvfYLXY7pM_j-Il14&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlk9LmvfYLXY7pM_j-Il14&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjYzYP7ATAB&v=APEucNUHNwP5l3T0uL3EnjyeyZ39dKzj5Eq3FXYuyNo6-jmKZZljKI6UK2NDU-TldnTZ2eu2Qd2LaaDpGf8cmO2uvEPc7dHcWQ
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
an-x-request-uuid
4319d79d-5f55-471d-ad64-bbe06b867d16
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlk9LmvfYLXY7pM_j-Il14&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 944B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpL6JAhjYzYP7ATAB&v=APEucNUHNwP5l3T0uL3EnjyeyZ39dKzj5Eq3FXYuyNo6-jmKZZljKI6UK2NDU-TldnTZ2eu2Qd2LaaDpGf8cmO2uvEPc7dHcWQ
Protocol
H2
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
an-x-request-uuid
5054e7cc-014f-48f0-83a9-2efba7af567e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2NDIzOTY5OTEzMDYxNDUyMA%3D%3D
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame DD6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsviRBU0F0DYzPuZUfYXeyWjXNZh1hD1xT_Reyk1SIjwjqHlSxitCP5RgDRwQD7GWu4HfJdiufzkZnTGqLoFPl73k3aFxRNRy7p8gNG_rE87vqxjVC_dfBDjujHGEcOFjZCfQCZjIDvd4ADaoMfvRAkH5f496_nZzmLgQlHWKVXOdpHiygdly8RN_OQLt2HRjHICe3lz3VUBDnyfYO9iiXZfkGPqNvXL7syVnrFuF3XPxwobnVlHo1GV9Hv6T5pnFi2D14xSvOwRl-3NAJdDXVNWrQQdEsquOO-alxkgjuthmBrYEWrhDX7jiyxOxZvcqSvQLhUEQpmTih7AHyytbNhVlVHw7653fZg5fnlFhCAZ1hyQxalH-bwAbvPh0q0MrAMZjhxM5vQ_ILdRyprF4LGAFtUpb_GwAWjPkXPVvL4mN3XrlSX1P03SKNCr8jHYsJQfW4mGKh80IDiFb5117Z8Urf-D-IRTT41Fl9jijgShbPEov6gRVEtEmiFdoijFs-Np5frhAQVuVhSm8sGe_xQFfu7DM3igL__hg_1jjOQt3JawY7R0b6e3FbNhNuhgHXuoVpFsNtWkjhIE5IxHBzp70Nc2ZE81EqPsjvmNB1kxQNwnwxV42G-oZ5TT4ZWvjlXGjElhyupVlSJsh1Lmgs0TNBQJixHNjwnYqRr6avHgYXj_UA9golR1At1p75ksjxTtO35CNtbjbqPnCXTrF5XElILUru4HJEQilNIE4ZM7GtpaBod1SQ1HEoH_or3H4QEignJ3VTZNkSueH61Lc-Z6UQPaLZm1KniuxYH5NKP9ADbCtfbxMUsMd7R82AEnaeW0xHGUxtAz5sceTgEGINoE1ei5imkZhmwN1BNTwDL6Txklg9MpBpsiIIQ0v5gHj1ZrqYQMRE4PARHu5Aw780sXcxvm47fkPKjkOEMukIBKmWtcP2uzdvx9WWCkpWF4jY9wcvPjQJsc2TtPcxZW-T946ezu6-mlFBJWKTwczMIsI73evYnAi-UAoh2c6c9dExlNuHSOkXH1o_oucelv_eVOmj0XwgqBPVdUrPjxSNuoNAoTjyfAOSkH7cMobRrD2v0LesI0Le0xjXS32KWnwsd7fyRUoOTTX1GXNv_mKRTU2C4dQL0aAZ4CdbYOcDaWii9UBezOr1lsGlUmMxkJ3fK2mCcqpVapY7z5DO7OrrvAyqnaRc3yormjiYkjBfv3Q7s9H2oCIOZn6DCsK_JAqWefvXJvjmAT0MzBTarLHo2wbGtDrYN06EfYUei4Ln_cc5B-ebXbglk1iQoP0Avqqnd4VgYKr5J1Yvn47BK2vw8oJBOLFhLUaA4fhj9L1ZOgqJ6-ZhIVtJa5e6bBujMOnOAlVtRhZUxh5eVbOW9YdO9-HVyoqDMtkRhYobAqn-st5-I0bKEm21p-Pzg&sai=AMfl-YQrTo9C78Y939Os7NbM_qae5WUt7YOeSJVBRHoYe-TFlCDe-qSALeSQb4TV6NX3MCU3Go7aMvKg9-R3aewRGDxqLI6VDUzUUHc7kSzzG6K8GbOlx1avy0dD6lhxzpNHT2kkSJXRH0no-sGY_7A8ajUNlSpD4mY8j5ztABvxpxWDgIILZoCKusnsPjcF0m1LVN570ADjf1enYxxcVK0cZd8Q16k2mlhCSHyt_tw8OkmGCNJp_yIrz6dWBklUq53i-EFv1qU9UU6iT9xSCpTA8MIy7P8he5FHCxKJ9RvDQsbh-csxbgSKRM_T-tGkQ1JRWsUXbxuC_laM_BRjv43X4bRuuQOOwbmgT919ZqTnywPKOInhXrHUpIQySxishfpAySX-C3IpW7vcEzjwOTB3LnhqyqGW_x60sOQHLS4T9xpFtl5m69iloEJ_kW5Az9tCAtn622-RPEYFnsvEpr2VBNeIK4MzbJMmf-4vxqv4H1gMaasTuusMO8grdbKNvHUlImVJDA&sig=Cg0ArKJSzPBfmfpyXRc2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNh&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=250&vt=11&dtpt=248&dett=2&cstd=1&cisv=r20240118.87745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtset
bh.contextweb.com/bh/ Frame 64AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=a2k2aE9tOE1RYmdySmFTaHJwVmYxQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH3Vy9YuvSvMavywFI3BNJc&google_cver=1
49 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH3Vy9YuvSvMavywFI3BNJc&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-t7xjm
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH3Vy9YuvSvMavywFI3BNJc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 64AF
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435&nuid=&gdpr_consent=&gdpr=0
49 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435&nuid=&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-t7xjm
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035435&nuid=&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 64AF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=td800RW9A2He&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8GQJNBMQGQZPHDV97YDC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4BC8 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=b3f9339f-387a-8d89-9ecd-b964259b39be
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZECCW2D53KTE6KDGVA2E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4BC8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8851619772679151664
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8851619772679151664
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8851619772679151664
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4BC8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b3f9339f-387a-8d89-9ecd-b964259b39be
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
39RK78JKYA25R1JPGXS7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4BC8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=eb2f4fe2-24d0-3673-5ec3-3bf34da8f25e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=eb2f4fe2-24d0-3673-5ec3-3bf34da8f25e&gdpr=0&gdpr_consent=
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=eb2f4fe2-24d0-3673-5ec3-3bf34da8f25e&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=eb2f4fe2-24d0-3673-5ec3-3bf34da8f25e&gdpr=0&gdpr_consent=
date
Mon, 22 Jan 2024 18:43:55 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4BC8 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzc0MDljMjgtZWRhNy02OGQ3LTRiMjMtNjE0YTg3NGEzYzNl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4BC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOPMkGx0BmZbrgOXpeddtY&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOPMkGx0BmZbrgOXpeddtY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOPMkGx0BmZbrgOXpeddtY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B55F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
687f66f277b41d6f1f3f8577807dd2b472170b6404db20a5aeee6d8e20d3d05a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DD6C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0f7c9841161eb5b400675dfdae58e567c35dbf06d23c95592c9a56804f3e325

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2964 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
26633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 11:20:03 GMT
expires
Tue, 21 Jan 2025 11:20:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame EF3E 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D7359040-831C-4C53-8F3D-3E61AAF82C32&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 Jan 2024 18:43:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RK436G46YD87Y1TJS9Q3
ecm3
s.amazon-adsystem.com/ Frame 7FA3 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD7359040-831C-4C53-8F3D-3E61AAF82C32
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 Jan 2024 18:43:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
P697ZE5WD900VZ7FZGKB
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 13CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1zWQQIMcTFOPPT5hqvgsMg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122550
accept-ranges
bytes
content-length
5622
expires
Wed, 24 Jan 2024 04:46:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 13CC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D7359040-831C-4C53-8F3D-3E61AAF82C32
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D7359040-831C-4C53-8F3D-3E61AAF82C32
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9b244153-841e-453a-bde1-70992b73f94e%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
95 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttd_puid=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
date
Mon, 22 Jan 2024 18:43:56 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 13CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20D7359040-831C-4C53-8F3D-3E61AAF82C32&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 13CC 		37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=D7359040-831C-4C53-8F3D-3E61AAF82C32&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 22 Jan 2024 18:43:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 13CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDczNTkwNDAtODMxQy00QzUzLThGM0QtM0U2MUFBRjgyQzMy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 13:54:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 13CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECBX12YvFj5nEPZwSITg0us&google_cver=1
42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECBX12YvFj5nEPZwSITg0us&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECBX12YvFj5nEPZwSITg0us&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 13CC
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 Jan 2024 18:43:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 13CC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=
date
Mon, 22 Jan 2024 18:43:56 GMT
server
Kestrel
content-length
355
D7359040-831C-4C53-8F3D-3E61AAF82C32
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 13CC 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D7359040-831C-4C53-8F3D-3E61AAF82C32?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3c33:5926:76d2:8c3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
truncated
/ Frame BD5D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cdc366c0a50917e9f64b5732ea8279138bb889c1127c16481d0b0f4dd6cddc5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7AA0 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
26633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 11:20:03 GMT
expires
Tue, 21 Jan 2025 11:20:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8AA7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Jan 2025 18:43:56 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8AA7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Jan 2025 18:43:56 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8AA7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 16 Jan 2025 18:43:56 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8AA7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 16 Jan 2025 18:43:56 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 8AA7 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Tq6niPo2Ts9wZZEIOZzvQ1JSPAqkeJ0Iqxf4_tRrAZrfjjbiMrnSlVy0lDdFy8eEe-Fjxii3aFe976lVd5v21wnh1M3YNyNkU-892wf-IyftGBOsUfGdI_TBi5gB0_7E_M0D7Rp99oYYXw1SjcfU-pTIYzz3p00QXibP6bmC3VWJw9tEMVRkbws5BHY9emkf13jc010ReVgmJoRlGd-c7w3WzIZ80zFZ_Z1MAWFmRVWYMr_I21tr8m65qRY5qk_gqRbgnMDiw9OVGcIGqUZAAesWzGk4jKyvvxowiC2WOyHdDM14wGMPKNsOWgzx-hrQJFNZ9inwW0YxLo5h4Z70NXQzXoiTIWasC44qMAS_z3O8pLrmDjZH4LT-EG3UIKewKOk30xf63os3ecAjmUFBZFSxHr7d9O5Kizj468_gIaMFUuF3
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2756626
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
tags.rd.linksynergy.com/ Frame 8AA7 		37 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.rd.linksynergy.com/imp?mID=9147&nID=102&aID=18393227
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 22 Jan 2024 18:43:56 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-samesite
secure
102
t.nit.ro/i/ 		0
12 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.nit.ro/i/102?d=eyJhZFVuaXRDb2RlIjoibml0cm9wYXktNWVzcmQtdG9wIiwiYmlkZGVyIjoiYWR4IiwiaGVpZ2h0Ijo5MCwid2lkdGgiOjk3MCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vd3d3LjVlc3JkLmNvbS8iLCJ0aW1lVG9SZXNwb25kIjo0MjAsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMThkMzI3Yy02OTgxLTcwMDAtYmQyMy0xOTg1NzczM2NkNzMiLCJjIjoiQ0EiLCJyIjoiUUMiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcwNTk0OTAzNTE4MH0%3D&v=true&t=1093
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.189.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cloud-trace-context
39ad7511c5119327911ba519d7b77716
date
Mon, 22 Jan 2024 18:43:56 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame 8AA7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Jan 2025 18:43:56 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52d9412a2bdba8cac6f422da44e9bc7a9b0e8506725a8030fb3a09c7891b1158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132612
x-xss-protection
0
expires
Mon, 22 Jan 2024 18:43:56 GMT
index.html
s0.2mdn.net/sadbundle/873199182112882688/ Frame F948 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
ee27eaa7780fa1753a897031386b43ec1c1e98b6b39a4aa40af39d0206c9a171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
278317
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3826
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 13:25:19 GMT
expires
Sat, 18 Jan 2025 13:25:19 GMT
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame BD5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstI-DPnzyXkwjQ-IbB88Y5xCrQvDxYb8uIQTkBSlfv3nfekx9UJbuRqPViFmDcyixztUELZVnOMZ58K7f2a_NdShtUlIw86xQjydOBY9botgeP9MO2JsnHctODG-y4suEAr84vyQZ0bHQhJkYtd0f5nSYzrkxiKLBxqg8Lim0snqTVvBaS1_BYyMlI7K7PLW9-fnoxh6dCP_52KvGXsPyNwn6LemNsUUk3R1h11LgCS7RZIspCZRKzIzTToF_AbueKDj7tYHlF1IDNiJGYYAf0CJZwVdZIOq3rboUSIpgu9G4ay0QppGxqngbuWf-VonRUPk56WS7fn808dPJ6Uwkm_jJMlJVsYn-6uNdclyAnyklqVKWlekRkUPSYmaJodvKf4e7GwSmMx6INJsXYg_7G6xAA9uo1ZhzKJc1__iCyrzarjXzLulqhskpYNYOrycwQ3u8QAhYc87a8zsFYAemwG4TnQ1mVKTtdtqW1e9S752piKgX2S0LrtggULa952ZeZBf3OCZnUZ-ZSROHZVJRUvXEEvqaFQC3wJEGTxtNc9H7Bbx1PBkJXFffH5qgVxqv5modpKgJwn6wual_SE7gNF2aSpixfCEgH1xHzEsnarasKo-QPu9j1f9FwjThfcCwL6G3cLyrLg-aU1KweaLpe0BKTtSP5IzaxNlTLBzqJF975Wg0YGa3z6oFbYj7OwXK9xn4xy5EnZ930yetSAPw0y0_gmgcGxb3-IhXJ3kzQnILMOQ1F14BYNkIDZx6TAmQFSu0xs4bYW3tf5iDo_GR-mco87o2UAb-9mIFiJqYbYOl4F_VoiUgPFrVFHBoPynqE7kENKbnOJ797tClQyvXW74PQ85b8Y9j4jkJn4kUgFmtIyoRtzc6MRBz6wm3Ag4uBoG9E01e0GKlKeEInPxKWhn2Xo7Ww2izLIYojhzHglugKE_qtNV6qVgyM8DEwtnJxFQe-eBxIJFtip56U0oENS9EPdEHmtvdI8V6x8ukxn8TnrYrEuIt69tqZ2cmOFXcGamTEZ1XNoD_kaYQjZnMrOE8bPdLfO12g-4xppcxWRlSaYPLZNIDACFF1pJNu0mUTGNs1n3li34tlM5qUlQOHOG4U-X4cTZK8NtjUkbNXsZHlZRJNIzK6ZynK-iVybGRJ7zvVVeQ5pGgftfyoXDwYh-sj_-9BRAALAIjBmtR9gmZ6tWqqg-XBmJl5W9hvrzXteSWspSl5o5sg69IyQ2zv6jVAc5FhLtBB8YHqSL2SS0TssKFulOp-FaNIRe-PZ9nt-Rg7azf38lmE3VkkjlBXQf6HBW2LOqA08SIuvquAUbToTeGjFSyeztJ7NwWMJVrLNNDMU6W3vwT35PO0fzFzRZBHEJRVKvTE0DOnaT6Kw_O96yJzSaQsXsUxYNpvvPEZdXhODEF46vVLFy3BP&sai=AMfl-YTeReJegpuKF7YGYpbqxNct_4ekWzki1p2QKAzblrY7vQqEzIBkhG-nBKrdwsqxT_-jpc7TQPnm5eU2GccDj9PWHEUv7Dap8j5xRit1SVVES-cWTX7oCdxXW1UCY5uCYv5tPVLloLjECaoeoqckD39lwtEtxWiLF-7uHIu_x9aTF1FrLAc9l23KiyMenVuB6NrnfCWPvRGuM1ECx2WGuPN0bhMySygwBzGEWSvcPdjIiHNeuau8kAXOokY4HAyZWL-4jkNusnnshc-aE9jRXMqGZPuk3SMy9FqJ35TynL9Py2jnTYP3gN5JYiyQ50vg87mtFXR4mgid37rfvxeJQIRQSc5JyoNddxcgKfqPBTGfsQLIPE7GdlRe_hykvM-6aLrOwL25fRKufLxKsXnxIOMJH0zdzj0ZwosD65yP-PAsmL24gOsWMNEwBQV4t0J6k6SbWVwYNZl2TRmZRYTQE1mPTALi-U5w7R-tTlVyi5YJdO_wBk3PiGpQZTGzVQdMzR2GyA&sig=Cg0ArKJSzIVzdCru7PkXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbSxodHRwczovL3Nob3BpZnkuY2E&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=778&cbvp=1&cstd=775&cisv=r20240118.58218&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 18:43:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
img
imageproxy.us.criteo.net/img/ Frame 8AA7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=176&m=0&partner=97277&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F97277%2F221116%2F5269ae06d6b64e599d2e26bc82f30710_sisley_paris_logo.svg.png&v=3&w=256&rid=4&s=QT59v9DVU34KyIbcIRJ0WZOr
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4af957feb4d294855a64f414a962b425ce8466b371709d33da7f532251ae956a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6904
expires
Sat, 28 Dec 2024 01:57:17 GMT
img
imageproxy.us.criteo.net/img/ Frame 8AA7 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=1200&m=0&partner=97277&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F97277%2F5209701%2F30099ec093074b0285c9cc1cefda04c0_1200x628_makeup_showcase.png&v=3&w=1200&rid=4&s=VVL6fMltKOfnkWwFN7Qvs391
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e70dce7fa1dc6a1b8a2e42c7b783ed11647d527fd683314e4bebc712ace3c393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
39394
expires
Sat, 28 Dec 2024 00:20:13 GMT
img
imageproxy.us.criteo.net/img/ Frame 8AA7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97277&q=80&r=0&u=https%3A%2F%2Fwww.sisley-paris.com%2Fdw%2Fimage%2Fv2%2FBCXZ_PRD%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Sisley%2Fdefault%2Fdwa172a461%2Fimages%2Flarge%2F150075_01.jpg%3Fsw%3D1000%26sh%3D1000%26q%3D80&v=3&w=400&rid=4&s=qre5QdEUrN3g8stnwFes00TE&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d5f77d419a79cfc384824969311bf33d8b00a268e3990d24fde5a3757c120042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
12216
expires
Tue, 13 Feb 2024 13:46:41 GMT
img
imageproxy.us.criteo.net/img/ Frame 8AA7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97277&q=80&r=0&u=https%3A%2F%2Fwww.sisley-paris.com%2Fdw%2Fimage%2Fv2%2FBCXZ_PRD%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Sisley%2Fdefault%2Fdwbf95ba19%2Fimages%2Flarge%2F187430_01.jpg%3Fsw%3D1000%26sh%3D1000%26q%3D80&v=3&w=400&rid=4&s=TPAgUmORjHQTwsb_Q7IWprCo&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1d8e70a81e552a00a4254f6d493dbb36aecdd42d8587ea5ce9463cb077f0ee4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
1346
expires
Tue, 13 Feb 2024 15:59:44 GMT
all
csm.us.criteo.net/ Frame 8AA7 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=JZr9d97_mcEDBESESo3Q3o7bMeZ2vDVkY-A2dblRgq-SWOUkuOtch9wKTWK-OT-cT9cUhTsVHuo8bkOypoR5gli1DsookdRZClynqq4M08RC837dEm8f5IVpbHNqWTVw48M8hbv39Gi91K-K6nNP8fcEktjz0yI9gOZGDl9BPfYxRi1Z6ZqErXAnufmdtReLbQmGKgEXqylY9vDYoyXxVYspgKbyiLm7KUTapDicRy_vsDkWr5hxcKqzBCO0eUi1l06WAA&sds=2&rev=90272.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 Jan 2024 18:43:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8AA7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Jan 2025 18:43:56 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8AA7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Jan 2025 18:43:56 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2964 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 17:51:18 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 7AA0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 17:51:18 GMT
adlib.css
s0.2mdn.net/sadbundle/873199182112882688/ Frame F948 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:44:05 GMT
date
Fri, 19 Jan 2024 13:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277191
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1924
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
adStyle.css
s0.2mdn.net/sadbundle/873199182112882688/ Frame F948 		2 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
c7b10d294e734c0045b27afced356672202fa70e9f537c5fdaafaab5462d604e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:25:19 GMT
date
Fri, 19 Jan 2024 13:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278317
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
587
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Enabler.js
s0.2mdn.net/ads/studio/ Frame F948 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48652
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 18:49:56 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F948 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 18:43:56 GMT
textFit.js
s0.2mdn.net/sadbundle/873199182112882688/ Frame F948 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/textFit.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:25:19 GMT
date
Fri, 19 Jan 2024 13:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278317
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2875
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
adlibUtils-v3.js
s0.2mdn.net/sadbundle/873199182112882688/ Frame F948 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
ed12c0d9f531492bd81f2eb30125ce9a7db330b9d9854258879b55efebf3e75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:27:29 GMT
date
Fri, 19 Jan 2024 13:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6133
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
animation.js
s0.2mdn.net/sadbundle/873199182112882688/ Frame F948 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
a4c569d014ae96433d816cf70a7b2b2b176005058a6e9638caa3808c296691d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 20:28:23 GMT
date
Sun, 21 Jan 2024 20:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80133
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3436
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2964 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCFHIareuZYLxNquDvPIPlo6C8AkAAAAAOAHgBAI&bg=!MjGlMX7NAAa8BdJLnAU7ADQBe5WfONRjNapt1dTA7nXD06mQ1dMSGZk23IQ3sAileTvBPwU27liNIFKoMQHpkxrHMiwUAgAAAGpSAAAAA2gBBwoAOJTT5bjJePcjCV1-CPp8X1OK94C02TNvNuAC_axpR5BmaXF6RNDcQDAet7LHbLN0SnG8eHyzY098mQL5rh6htxhp48Ty2_lj65DSBO98Kdiib7MkOPVUo1-8NHXm6YhIDuUEOK1MHRnA3UBgmGZWohLR3Q2kz2wv2po6uMupXQes7rcPkJJ4iUZXqFhrP3EQ1xLWjzPmadtRp8hwRB28Z_sHDKS1T4PXqeldhOdf_gwl-MJXywkwRiPBlvG2hUQMt8RXgtFeUg2HO63D4Y7Pn7ir-zQscN1kcdkpox-95hccFF1T8wEV1Z3VSQ4RFWckKrc0GfNF6BICIR08ps0755Lp4qKYGxpdGeTrUm_SdS6S73VVeOcukyoaY3XNGfq9sIiJz4iVqtpWEMuaimzUiuCFeevXdaS-qtHYDQ-mjxMVagqm89fT-kauJ6ghJ7xfH0pW0JqubPF0SqnFa5nHVUWfsLusfvkQa8XHYHfkm7A2m_BZwiVT5wUMs6S6Ss6ugQHzi2SVdugWvXzYhcxVi8T2X_oaPOzYfz2JAjlqjsLLOylEiK4t11qXawfLoNY8NHiJSRMmTQOETAa-77lsKvkEOEfNGL5DluT0Z63C_8PBn65-t8YrYXZ6jaKP0k1aSAImLyVGMTwyEFI0zogRpUStCBCyLOBBqlbD1vsCpLJZkVDP9Pbz-PER4rjELazVnOUrV9z8Qw1LWPngjzKzynpWFpfsT3ov8p5f6jTVTKEM3dvcztzbiWKw4sn07S3dfTEqwK_pd0RCkMBklxhxRg8gJ9ZheJre8kSbfmPlZePVjYi3AWlYGATRrfCk8pxsSzSTXxS35V1B_tA-I_pNwzfWyQJhmH4HorYzPOqbTWNgcma037Owa-3qKHAj2BPzHv-GLlOansMSvkWhyfDpJAhj_nB0GKu-AJpgE2cTfai8MkZvc_1bywaDPm4LccSznG-Jzb3e6Zv5OlhLa5hzWxWdG1j0qRXTZF1o4eQidPVkOIIbeD9TxduP62Q5Cf73t3xhOAWoJYM17ohpaKTElVpAB9KhVrLlgvQ7uUHDOugTvj748APFID17bet5QnYDG_UTis4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByLkNareuZZTyNtudxtYPyqmO6AUAAAAAOAHgBAI&bg=!srGlsf7NAAa8BdJLnAU7ADQBe5WfOCQfEWcnmybTcngNIwXBNGf0VnhQjQpur3bu1aGDEu5-YYr6MuDhmGYQPw9Xx3TlAgAAAGRSAAAAA2gBB5kC9bUrf6DJceK2bSVKnRJIcdsI6kIHj6y1nEcUovwfxiSrh8lU3KaD6-SWZWvml3ij5bZP9cWTW4QK8zlzbmq8RKCaOMACpVaBYj_ZKZHTcluY35AW_FPjJBl1roJwIYfU56lbtoSmWpO-lPqIZVxjWu88q7FODx1iGImblieVjsIR1b6xs_1G1zrM6qS7fd8vAeRaccDaL1cAiyopMyMjgbEVtL7haCTSfFStG99wI5kgyb6AnY0nJFAnsKcyW76eUpwJ2K_fUij3_e6aDSPJEAqhqW8QLdL67bI2R4zeHtwPAsnD_EonIZaMqRJlAkQfMz1yNWicckMpRE8YBtIxqIZe8wmiQkGDGd0xhiH-EYfOP-lGz0mamDQKNVuCKdCYZMoMr_v8GsFb5gYsMXuelsL8_xGBfNlOnPqrLuLk0bIMNfGr3y-cukMRxt6952t4-pd2s5usS-Kqid5zF1y1iUOeiX99BwgtpBb_ZX-tIpyBCSoO89wj7NdyQQUZE439VwFrudRBs2Wg9mOkkf-RL3eOvF1Znc9lilMwamDnkG-uiSbwelTccGDSB8jxA2MCSrP96bfkKutbHkUTGavBRFk5llUTwqGwRpzx7N2_YTGfJUDpvcI-okYfBfECLE4sj1wFgkei_zxd8NsquA032D4fJdrwkHrFboegSBFJC_5njrSkFJCKjiyBIRIaBdbYFhXNW4W1ReUcNU-v1KX70SrBFNovCouukkfvQMjq3VIJ8JRhULV3THfi_5RkVH1gZLWZE4A4W3aGXgarTdkYbkb196h6Rsf5dY_K4co2M3J1Tug13xtjlW5cjMTOrp2ZHfbltFYu3GfaerOHONIyXwKbFJ92EbnNIMQSjBo_Bgr7Vb_snaEMvm6D6nGYvCfImKroCvxLXOEzaCOB4HW2t6otadxjHW-h_AAaOJyeNB8SR35dWuEgouljjj6JkX3n-rsmSMW6DRLwEB-yspc1Vp2LMQvQHNOr-dp5B3EZDcvcLny0qew
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame BD5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstI-DPnzyXkwjQ-IbB88Y5xCrQvDxYb8uIQTkBSlfv3nfekx9UJbuRqPViFmDcyixztUELZVnOMZ58K7f2a_NdShtUlIw86xQjydOBY9botgeP9MO2JsnHctODG-y4suEAr84vyQZ0bHQhJkYtd0f5nSYzrkxiKLBxqg8Lim0snqTVvBaS1_BYyMlI7K7PLW9-fnoxh6dCP_52KvGXsPyNwn6LemNsUUk3R1h11LgCS7RZIspCZRKzIzTToF_AbueKDj7tYHlF1IDNiJGYYAf0CJZwVdZIOq3rboUSIpgu9G4ay0QppGxqngbuWf-VonRUPk56WS7fn808dPJ6Uwkm_jJMlJVsYn-6uNdclyAnyklqVKWlekRkUPSYmaJodvKf4e7GwSmMx6INJsXYg_7G6xAA9uo1ZhzKJc1__iCyrzarjXzLulqhskpYNYOrycwQ3u8QAhYc87a8zsFYAemwG4TnQ1mVKTtdtqW1e9S752piKgX2S0LrtggULa952ZeZBf3OCZnUZ-ZSROHZVJRUvXEEvqaFQC3wJEGTxtNc9H7Bbx1PBkJXFffH5qgVxqv5modpKgJwn6wual_SE7gNF2aSpixfCEgH1xHzEsnarasKo-QPu9j1f9FwjThfcCwL6G3cLyrLg-aU1KweaLpe0BKTtSP5IzaxNlTLBzqJF975Wg0YGa3z6oFbYj7OwXK9xn4xy5EnZ930yetSAPw0y0_gmgcGxb3-IhXJ3kzQnILMOQ1F14BYNkIDZx6TAmQFSu0xs4bYW3tf5iDo_GR-mco87o2UAb-9mIFiJqYbYOl4F_VoiUgPFrVFHBoPynqE7kENKbnOJ797tClQyvXW74PQ85b8Y9j4jkJn4kUgFmtIyoRtzc6MRBz6wm3Ag4uBoG9E01e0GKlKeEInPxKWhn2Xo7Ww2izLIYojhzHglugKE_qtNV6qVgyM8DEwtnJxFQe-eBxIJFtip56U0oENS9EPdEHmtvdI8V6x8ukxn8TnrYrEuIt69tqZ2cmOFXcGamTEZ1XNoD_kaYQjZnMrOE8bPdLfO12g-4xppcxWRlSaYPLZNIDACFF1pJNu0mUTGNs1n3li34tlM5qUlQOHOG4U-X4cTZK8NtjUkbNXsZHlZRJNIzK6ZynK-iVybGRJ7zvVVeQ5pGgftfyoXDwYh-sj_-9BRAALAIjBmtR9gmZ6tWqqg-XBmJl5W9hvrzXteSWspSl5o5sg69IyQ2zv6jVAc5FhLtBB8YHqSL2SS0TssKFulOp-FaNIRe-PZ9nt-Rg7azf38lmE3VkkjlBXQf6HBW2LOqA08SIuvquAUbToTeGjFSyeztJ7NwWMJVrLNNDMU6W3vwT35PO0fzFzRZBHEJRVKvTE0DOnaT6Kw_O96yJzSaQsXsUxYNpvvPEZdXhODEF46vVLFy3BP&sai=AMfl-YTeReJegpuKF7YGYpbqxNct_4ekWzki1p2QKAzblrY7vQqEzIBkhG-nBKrdwsqxT_-jpc7TQPnm5eU2GccDj9PWHEUv7Dap8j5xRit1SVVES-cWTX7oCdxXW1UCY5uCYv5tPVLloLjECaoeoqckD39lwtEtxWiLF-7uHIu_x9aTF1FrLAc9l23KiyMenVuB6NrnfCWPvRGuM1ECx2WGuPN0bhMySygwBzGEWSvcPdjIiHNeuau8kAXOokY4HAyZWL-4jkNusnnshc-aE9jRXMqGZPuk3SMy9FqJ35TynL9Py2jnTYP3gN5JYiyQ50vg87mtFXR4mgid37rfvxeJQIRQSc5JyoNddxcgKfqPBTGfsQLIPE7GdlRe_hykvM-6aLrOwL25fRKufLxKsXnxIOMJH0zdzj0ZwosD65yP-PAsmL24gOsWMNEwBQV4t0J6k6SbWVwYNZl2TRmZRYTQE1mPTALi-U5w7R-tTlVyi5YJdO_wBk3PiGpQZTGzVQdMzR2GyA&sig=Cg0ArKJSzIVzdCru7PkXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbSxodHRwczovL3Nob3BpZnkuY2E&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1180&vt=11&dtpt=402&dett=3&cstd=775&cisv=r20240118.58218&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D009 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122549
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 22 Jan 2024 18:43:57 GMT
expires
Wed, 24 Jan 2024 04:46:26 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame DE9B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
47834
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 22 Jan 2024 18:43:57 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
471, 80842
X-Served-By
cache-lga13626-LGA, cache-yyz4547-YYZ
X-Timer
S1705949037.270862,VS0,VE0
pd
ggsoftware-d.openx.net/w/1.0/ Frame FDCC 		590 B
656 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b5ed508e746a172a6dad52ad6fe0a553753b62ed97f2b9231322189090838863

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
349
content-type
text/html
date
Mon, 22 Jan 2024 18:43:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 2927 		37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94f223ccf9bf40d6a340e41b70de9e62bdc1fa311501cd1928f09f4d1a482085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12344
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 18:43:57 GMT
expires
Wed, 24 Jan 2024 18:43:57 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
sync.cootlogix.com/api/sync/iframe/ Frame 932C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
03f036cfcd286826372c70e4161fe67610f9e4b04778aa1f1c45bd765ba685d8

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
1859
content-type
text/html
date
Mon, 22 Jan 2024 18:43:57 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
iframe
sync.colossusssp.com/ Frame B8C5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.100 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
3c250aeb3756baae68234b38f0d9ee835cf81c52b825ff1c4d4a42b836efc35f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 22 Jan 2024 18:43:57 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
ixmatch.html
js-sec.indexww.com/um/ Frame 023A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
110
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8499f20aeca13773-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 18:43:57 GMT
expires
Mon, 22 Jan 2024 22:43:57 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5F69 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
6d1e4643d16163184b10f4793692716cc5150c27ff29e0ce415837fbf9910351

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 18:43:57 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
xuid
eb2.3lift.com/ Frame 5F69
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 22 Jan 2024 18:43:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&dongle=0cfd&gdpr=0&gdpr_consent=
date
Mon, 22 Jan 2024 18:43:57 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 5F69
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMzMTU3OTEyODc2MzM0MjY5NTk3Nw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5F69
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELb1BdRV62oZbgZDatsDOtk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELb1BdRV62oZbgZDatsDOtk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 22 Jan 2024 18:43:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELb1BdRV62oZbgZDatsDOtk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F69
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMzMTU3OTEyODc2MzM0MjY5NTk3Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMzMTU3OTEyODc2MzM0MjY5NTk3Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMzMTU3OTEyODc2MzM0MjY5NTk3Nw%3D%3D
date
Mon, 22 Jan 2024 18:43:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 5F69 		0
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1331579128763342695977&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5AD00FD7D2434BC4B1A67B7C3667563E Ref B: YTO01EDGE0412 Ref C: 2024-01-22T18:43:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPjTZitp0m/erWCd/rFw==
xuid
eb2.3lift.com/ Frame 5F69
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1331579128763342695977?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vSlkB8tE2oQBrzzr1n.rJEJRQYqn5BjBahvBsqMS_Q--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vSlkB8tE2oQBrzzr1n.rJEJRQYqn5BjBahvBsqMS_Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 22 Jan 2024 18:43:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 22 Jan 2024 18:43:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vSlkB8tE2oQBrzzr1n.rJEJRQYqn5BjBahvBsqMS_Q--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 5F69
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1331579128763342695977&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1331579128763342695977&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8afe8626-c4c1-4ba3-8d49-84dc68781890&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 22 Jan 2024 18:43:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 22 Jan 2024 18:43:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 5F69 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
615959
expires
Mon, 22 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5F69
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5264239699130614520&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5264239699130614520&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 22 Jan 2024 18:43:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
an-x-request-uuid
18752f94-747a-4449-8add-c87b51bd8d64
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5264239699130614520&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 5F69 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1331579128763342695977
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
an-x-request-uuid
4837a4fe-fe19-4a73-b174-d2d216335ec1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge3.614.1_en.html
imasdk.googleapis.com/js/core/ Frame BB1F 		755 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.614.1_en.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a020cc1c67c608133cfe17af5d69384ab6d035f191f4dcc77241d35d5ec4bc50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5esrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
240320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247156
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 23:58:37 GMT
expires
Sat, 18 Jan 2025 23:58:37 GMT
last-modified
Fri, 19 Jan 2024 23:53:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 18:43:57 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A22C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 22 Jan 2024 19:41:56 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B55F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8KALareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTXAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMAi3ARtxqd938l6XSplOg0xIZNvz966O1hGRMwwat6Viowhrhv44AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzCACgP6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwGyFxwKGhIUcHViLTk4NzIyMzM2ODk2ODk3NDYYzMIh&sigh=abA08Zbfpus&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_wNFW09g2A-av-2dwpKPP4H5oSekIf_K-dNoN7_PHvrahNlnPaly7cxRa0d3vE3nWibv_fynPvHPOuPNb_HQT5Qj6QtesajkQO0oYAQ&cbvp=2&vis=1
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame B55F 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k6m8FP72BsoHWuIinRcCAAAAS4S_W2PdrATUeRVF6AwHWBBqt65l7sIpUndSnzM9uQAAEgAACgpBUVVCQ2dFQkNn&wp=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&cbvp=2
Requested by
Host: 4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:56 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
150712
server
Kestrel
content-length
0
sd
us-u.openx.net/w/1.0/ Frame FDCC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=eWKhpx5YUWtHALyFbQLb_aYAzQQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=eWKhpx5YUWtHALyFbQLb_aYAzQQ
Requested by
Host: ggsoftware-d.openx.net
URL: https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ggsoftware-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=eWKhpx5YUWtHALyFbQLb_aYAzQQ
Date
Mon, 22 Jan 2024 18:43:57 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame FDCC
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=NHnF3o1Wj124t3dEnrHI5A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: ggsoftware-d.openx.net
URL: https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ggsoftware-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7fe829a6-b47c-a43a-6f14-2d06b2ff3f17
pr-bh.ybp.yahoo.com/sync/openx/ Frame FDCC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/7fe829a6-b47c-a43a-6f14-2d06b2ff3f17?gdpr=0
Requested by
Host: ggsoftware-d.openx.net
URL: https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3c33:5926:76d2:8c3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ggsoftware-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame FDCC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=7619955c-c7b9-43f4-9049-993b7e492194
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=7619955c-c7b9-43f4-9049-993b7e492194
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=7bc5428f-74f5-4fe2-8312-34d603a2b65e&user_group=1&ssp=openx&bsw_param=7619955c-c7b9-43f4-9049-993b7e492194
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ggsoftware-d.openx.net
URL: https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ggsoftware-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 22 Jan 2024 18:43:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame FDCC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=oXgCOkh_icqczsnl2wUCb6dOHmbHXQ4ixr4-8HV1R1k&pi=openx&gdpr=0&tc=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=oXgCOkh_icqczsnl2wUCb6dOHmbHXQ4ixr4-8HV1R1k&pi=openx&gdpr=0&tc=1
Requested by
Host: ggsoftware-d.openx.net
URL: https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ggsoftware-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=oXgCOkh_icqczsnl2wUCb6dOHmbHXQ4ixr4-8HV1R1k&pi=openx&gdpr=0&tc=1
pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT, Mon, 22 Jan 2024 18:43:58 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FDCC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qCzHwfwukMCze5_AqXyLl_14xJSzLZHBqC67A53Y
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qCzHwfwukMCze5_AqXyLl_14xJSzLZHBqC67A53Y
Requested by
Host: ggsoftware-d.openx.net
URL: https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ggsoftware-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qCzHwfwukMCze5_AqXyLl_14xJSzLZHBqC67A53Y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B55F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_z39c-S8C_bpdbNyd8A69tgEmpvLCcxdPcYjWrRvpy05yzXZaZe2Ry_uS6Sj22Xwhvl2q3RUdWgb5LjPZ-4TbP8qArnD8DBV1WXIu_kym1BcTAS8V0SI&sig=Cg0ArKJSzNK-2uKZcokiEAE&id=lidar2&mcvt=1001&p=61,420,151,1390&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1061454547&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705949035175&rpt=1018&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DE9B 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
an-x-request-uuid
f6da0d9e-f020-49aa-862a-ef3be575f951
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame BB1F 		68 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F308365556%2C22580876450%2Fvideo-test&description_url=https%3A%2F%2Fwww.5esrd.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3226986125182114&vad_type=linear&cust_params=ncpm%3D0.00%26domain%3D5esrd.com%26contax%3D272%2C246&vpa=click&vpmute=0&sdkv=h.3.614.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=openplayerjs&mpv=3.0.0&us_privacy=1---&sdki=445&ptt=20&adk=2478549158&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.614.1&media_url=blob%3Ahttps%253a%2F%2Fwww.5esrd.com%2F9550b803-ca48-4ee8-9c5c-e8c21d96d90d&sid=87B87325-2E6C-4077-80D4-63410C1242BE&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C44804291%2C44809548&url=https%3A%2F%2Fwww.5esrd.com%2F&dt=1705949037383&cookie=ID%3D122a1332af3f47b0%3AT%3D1705949034%3ART%3D1705949034%3AS%3DALNI_Ma1_PdfMEFiZrf8jbKmlENlyZR9YA&gpic=UID%3D00000db9363cf52e%3AT%3D1705949034%3ART%3D1705949034%3AS%3DALNI_MYqqeMiTJGx2tXLZ0rD3VDEwNEg2Q&scor=724431138782459&ged=ve4_td7_tt0_pd7_la7000_er283.216.436.516_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.614.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e9b4d294b44ad451eeba57019d1a6e41bd40e0913ab8183d484dbccc80d75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7402
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5AB9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.cootlogix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 18:43:58 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 22 Jan 2024 18:43:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
server
AkamaiGHost
all
csm.us.criteo.net/ Frame 8AA7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=JZr9d97_mcEDBESESo3Q3o7bMeZ2vDVkY-A2dblRgq-SWOUkuOtch9wKTWK-OT-cT9cUhTsVHuo8bkOypoR5gli1DsookdRZClynqq4M08RC837dEm8f5IVpbHNqWTVw48M8hbv39Gi91K-K6nNP8fcEktjz0yI9gOZGDl9BPfYxRi1Z6ZqErXAnufmdtReLbQmGKgEXqylY9vDYoyXxVYspgKbyiLm7KUTapDicRy_vsDkWr5hxcKqzBCO0eUi1l06WAA&sds=2&rev=90272.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Za63agANsx0Bd4BZAA5QI3eg3w6vRwf2LNdnBA&u=%7CNiUElagMDOkX8BVQ16zuCf83UM7PZRAhgc6B5I%2BH8Zk%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxcjgrICXQXHHHErTln-HNzX1oOXo4KK-70sS7zRgoQAin_SqwuVrfdgVheSXPqMFoxu8CU9PN6IwWzxbDjVL7NShgf3fd1R-v8dT0bIw3mWn47JGGwXtU8JUG04H7EQ3iqlFQFh2O8scdN5-lB6C2sknc64m2oO81F80iiznBmdkuREsvsB1wnY2qnwMYB-lFa4K_nstkULpOcO857pqEzVhdHSVSvE6nmQK0F0rgqlaYE-hHh5uDoWcPMWcj28yo67m-s76rgD8Q9cLmP-ASgXDugCzCDmvLkX-aNGs-yWOZrWs9IEtDDHcSrPGGqD_VJl9ZSlkC-b8B7vAAkEJ7IbhkKycUazKrWcc44hobyqXlFd9DGjM398HJWaMlTWxMq7WbLeYoV5AjrfYmbc1rd7ieOYiMzjOVYfLYPux6Sp3exwoLanCwHPFAqidhVM3H5jQjnwtkVhLGJPhdm8ImWMOLBrY6m9tMa8udOmvoFmVqrZoKVpyAo5G3icjDDYfLHkh0gQm-Dkc_g27jXvWeh-ax6VVthmMLXX7SNCRFKfZeVjVS3E73Zs0tkJquWY2YGx0GDPchD_lTNHdq0n8c2s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtl3EareuZZ3mNtmA3rsPo6C5wAGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi05ODcyMjMzNjg5Njg5NzQ2yAEJ4AIAqAMByAMCqgTaAU_Q-wln_LqGMUU-gC1FNZURWtnhfCxGzTqQL8hImoPta9Ab_6HuxM-NKIruRM08nGDLvmQmMfIEuqdeSNvum8t_BW2x8WB54_-gMmxk8DfSpi7l6LMqvhqlv5v1bZ5VOkPPiv41IUcZTUEfVTzR5-LYQahBI0lIAqIo2B2NdvM9w_2ikaa0s-sQbRno3x40BZbW2AvJDanLHdciWufp-oL4hLcPb7to8OMVnZrE7rITnMBg3iT_ABqWpUCRYv7pA-qVkJxHxvCi_8O1PkX51MC5kg3lOiIf6_sl4AQBgAbG9p6wsqSZmFKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY1KPqsdPxgwPyCBthZHgtc3Vic3luLTk0MjkzMTYxMzQ0MzQ4NzD6CwIIAYAMAeINEwil0uqx0_GDAxVZgHcBHSNQDhjQFQGAFwE%26num%3D1%26sig%3DAOD64_2cgFrWU72Ez93f8Y84qT29zNy37A%26client%3Dca-pub-9872233689689746%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 Jan 2024 18:43:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sync
x.bidswitch.net/ Frame B8C5 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=huddledmss
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie
sync.cootlogix.com/api/ Frame B8C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID
  • https://sync.colossusssp.com/ap.gif?puid=5264239699130614520
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU70a0bce6039d4daca1e59f3959e90c3e
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
sync.cootlogix.com/api/ Frame B8C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1
  • https://sync.colossusssp.com/td.gif?puid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&ttl=1708541037
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:57 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
openrtb.cootlogix.com/api/ Frame B8C5 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.241.152.120 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
cookie
openrtb.cootlogix.com/api/ Frame B8C5
Redirect Chain
  • https://id.rlcdn.com/712075.gif?ct=2&cv=
  • https://id.rlcdn.com/1000.gif?memo=CIu7KxoNCO3uuq0GEgUI6AcQAEIASgA
  • https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid=
  • https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
192.241.152.120 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
openrtb.cootlogix.com/api/ Frame B8C5
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_conse...
  • https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=VESUbiittUiZO3GX6dGv&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA]
  • https://x.bidswitch.net/sync?ssp=huddledmss
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=huddledmss&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?user_id=AABf_k7LXW8AABMaNAEM6g&dsp_id=269&expires=5&ssp=huddledmss
  • https://sync.colossusssp.com/bidswitch.gif?puid=99ac63e3-e16d-4a63-aae4-f6f4e132d491
  • https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
192.241.152.120 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://openrtb.cootlogix.com/api/cookie?userId=bf94023f-32db-4796-a13b-f1630153aa5a&partnerId=colossus
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
sync.cootlogix.com/api/ Frame B8C5 		43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=bf94023f-32db-4796-a13b-f1630153aa5a
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
colossus
ids.ad.gt/api/v1/ Frame B8C5 		43 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=bf94023f-32db-4796-a13b-f1630153aa5a
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8499f20f080f3701-YYZ
content-length
43
content-type
image/gif
712075.gif
id.rlcdn.com/ Frame B8C5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/col
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AABf_k7LXW8AABMaNAEM6g
  • https://id.rlcdn.com/712075.gif?ct=2&cv=
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712075.gif?ct=2&cv=
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:57 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://id.rlcdn.com/712075.gif?ct=2&cv=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame B8C5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=bf94023f-32db-4796-a13b-f1630153aa5a
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D9b244153-841e-453a-bde1-70992b73f94e%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5264239699130614520&pt=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5264239699130614520&pt=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
an-x-request-uuid
f399e4aa-f1c7-42f9-9096-8fa2cd63c3ba
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5264239699130614520&pt=9b244153-841e-453a-bde1-70992b73f94e%2C%2C
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rmpssp
sync.1rx.io/usersync2/ Frame B8C5
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU70a0bce6039d4daca1e59f3959e90c3e
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
363546c6-f8af-4f33-8c94-663c5bd45eaa
ex.ingage.tech/v1/sync/colossus/ Frame B8C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/colossus/363546c6-f8af-4f33-8c94-663c5bd45eaa?uid=bf94023f-32db-4796-a13b-f1630153aa5a
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
rmpssp
sync.1rx.io/usersync2/ Frame B8C5 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
pubcid.php
hbx.media.net/ Frame 2927 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.44.18 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-44-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 19:13:58 GMT
sync
gum.criteo.com/ Frame 2927 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
315513
expires
60
usync.html
eus.rubiconproject.com/ Frame A54B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 18:43:58 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 22 Jan 2024 18:43:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame D17F
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Drkt%26refUrl%3D%26vid%3D594903753934895063570340930...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=rkt&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=1791377156191064515
231 B
678 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=rkt&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=1791377156191064515
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
231
content-type
text/html;charset=UTF-8
date
Mon, 22 Jan 2024 18:43:58 GMT
expires
Mon, 22 Jan 2024 18:43:58 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 22 Jan 2024 18:43:57 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=rkt&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=1791377156191064515
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3168 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dpba%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122549
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 22 Jan 2024 18:43:57 GMT
expires
Wed, 24 Jan 2024 04:46:26 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us
sync.go.sonobi.com/ Frame 2927 		0
0
cksync.php
contextual.media.net/ Frame 2927
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=con&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035437&gdpr_c...
57 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=con&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035437&gdpr_consent=&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=con&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035437&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 2927
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3489506357034093...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=opx&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=2303267d-8fd0-0c93-3d8c-459dff476082
231 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=opx&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=2303267d-8fd0-0c93-3d8c-459dff476082
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:57 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
231
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:57 GMT

Redirect headers

date
Mon, 22 Jan 2024 18:43:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3489506357034093000V10&type=opx&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=2303267d-8fd0-0c93-3d8c-459dff476082
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 2927
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dr1%26refUrl%3D%26vid%3D59490375393489506357...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8007836238
  • https://sync.1rx.io/usersync/tradedesk/553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=r1&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
57 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=r1&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=r1&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=RX-82936826-9fe8-451e-b84d-303146b39ef7-005
date
Mon, 22 Jan 2024 18:43:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX829368269fe8451eb84d303146b39ef7005
content-type
text/html
cksync
cs.media.net/ Frame 2927
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ4OTUwNjM1NzAzNDA5MzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELsv6I2zgk5eg8fVKNe2jpU&google_cver=1
57 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELsv6I2zgk5eg8fVKNe2jpU&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.200.44.18 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-44-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:57 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Mon, 22 Jan 2024 18:43:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELsv6I2zgk5eg8fVKNe2jpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2927
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Ddxu%26refUrl%3D%26vid%3D59490375393489506357034...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Ddxu%26refUrl%3D%26vid%3D59490375393489506...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=dxu&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=j7NgiJul1RrZh45
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=dxu&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=j7NgiJul1RrZh45
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:57 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-05bb09155632c34a4@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=dxu&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=j7NgiJul1RrZh45
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2927
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=eff25136-4af8-4ea6-abc8-49da811f8a17&gdpr=0&gdpr_consent=&us_privacy=&gpp=
57 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=eff25136-4af8-4ea6-abc8-49da811f8a17&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=eff25136-4af8-4ea6-abc8-49da811f8a17&gdpr=0&gdpr_consent=&us_privacy=&gpp=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1154085
content-length
0
expires
Mon, 22 Jan 2024 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2927
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=7619955c-c7b9-43f4-9049-993b7e492194&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=PE3QoATcLvodKjQNwOfj0
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&gdpr_pd=
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 22 Jan 2024 18:43:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
cs.media.net/ Frame 2927
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=zKJmsEAd
  • https://cs.media.net/cksync.php?cs=3&type=shr&ovsid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
57 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=3&type=shr&ovsid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.200.44.18 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-44-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
57
x-mnet-hl2
E
Expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

location
https://cs.media.net/cksync.php?cs=3&type=shr&ovsid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
date
Mon, 22 Jan 2024 18:43:57 GMT
content-length
0
cksync.php
contextual.media.net/ Frame 2927
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=R6szywjTxz4ISx9CzGYb
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=R6szywjTxz4ISx9CzGYb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=R6szywjTxz4ISx9CzGYb
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 2927
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3489506357034093000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3489506357034093000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=376d755f-73d2-42f8-9786-f8df9b0ce467&cs=1
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=376d755f-73d2-42f8-9786-f8df9b0ce467&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=376d755f-73d2-42f8-9786-f8df9b0ce467&cs=1
date
Mon, 22 Jan 2024 18:43:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 2927
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2
57 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.200.44.18 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-44-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Mon, 22 Jan 2024 18:43:58 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2
date
Mon, 22 Jan 2024 18:43:58 GMT
server
Kestrel
content-length
199
blank.png
s0.2mdn.net/sadbundle/873199182112882688/Assets/ Frame F948 		927 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/Assets/blank.png
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 12:03:12 GMT
date
Mon, 22 Jan 2024 12:03:12 GMT
x-content-type-options
nosniff
age
24045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
927
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Dark_Green_blue_Blur300x250.png
s0.2mdn.net/sadbundle/873199182112882688/Assets/ Frame F948 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/Assets/Dark_Green_blue_Blur300x250.png
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
c7a408bad379a4bb11911118349961fc578f7ad44c084315a2cb68cea4bd9588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:25:20 GMT
date
Fri, 19 Jan 2024 13:25:20 GMT
x-content-type-options
nosniff
age
278317
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54024
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
300x250_BaseImage2_Theme.png
s0.2mdn.net/sadbundle/873199182112882688/Assets/ Frame F948 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/Assets/300x250_BaseImage2_Theme.png
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
aad3a7fb9d552a5b3dcdc13d7e054602f9cb8daf18476421718f83bad7d04268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:44:10 GMT
date
Fri, 19 Jan 2024 13:44:10 GMT
x-content-type-options
nosniff
age
277187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64679
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
300x250_BaseImage_Theme.png
s0.2mdn.net/sadbundle/873199182112882688/Assets/ Frame F948 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/Assets/300x250_BaseImage_Theme.png
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
5f3e4474e837b01e962bd1e741068d28829084b80094ddfbf36d1d1fb7d186da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:25:20 GMT
date
Fri, 19 Jan 2024 13:25:20 GMT
x-content-type-options
nosniff
age
278317
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14830
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Shopify_Logo_White_Recropped.png
s0.2mdn.net/sadbundle/873199182112882688/Assets/ Frame F948 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/Assets/Shopify_Logo_White_Recropped.png
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
cd313997d4ddd0d290c7c247b587d09dd2d33a468e27cda5c1bd589bd299df34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/873199182112882688/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:44:10 GMT
date
Fri, 19 Jan 2024 13:44:10 GMT
x-content-type-options
nosniff
age
277187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45903
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
csi
csi.gstatic.com/ Frame BB1F 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrpa0dms&c=6571869589795&slotId=3285934794897.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icdi=200x200&vmfc=1&vhc=0&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.614.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BB1F 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrpa0e2b&c=6571869589795&slotId=3285934794897.5&qqid=CL-MibPT8YMDFcKMywEdkcAPXA&gqid=bbeuZenQG4vPrr4Pp4e9sAg&fb=ima_html5-lima&sdkv=h.3.614.1&ppt=openplayerjs&ppv=3.0.0&mrd=4&aab=1&itv=1&ghmsh_eids=44752657%2C44772139%2C44777649%2C44781409%2C44804291%2C44809548
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.614.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
202305115d0da3970a90ece3416ca229
p16-ttam-va.ibyteimg.com/origin/ad-site-i18n-sg/ Frame BB1F 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-ttam-va.ibyteimg.com/origin/ad-site-i18n-sg/202305115d0da3970a90ece3416ca229
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.12.146.150 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-146-150.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
cdb82b0a0d03e51d3dcb285d20a3733592db101c591fbe6843e84e320af9ae95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
nw-session-id
20230516150504F6B715CD38604AC177F5brnn221df
x-powered-by
ImageX
x-cache
TCP_HIT from a23-36-66-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
8,184.27.176.44
server-timing
cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, inner; dur=1
x-length
10187
content-length
10187
last-modified
Tue, 16 May 2023 15:05:05 GMT
server
nginx
x-tt-logid
20230516150504F6B715CD38604AC177F5
x-response-date
Tue, 16 May 2023 15:05:05 GMT
content-type
image/png
access-control-allow-origin
*
nw-session-trace
2023-05-16T15:05:05.698594835Z 589
cache-control
max-age=30513401
x-tt-trace-host
013477a100db1265f2788bf381d1e659639a6271a3bf518e1f21fb0e38e5acc1606faab0890c3d920bd1d66c123c6d21dc145f16daec89273d821d91cc7248cfaa1b34d22e41c91118cb8acd6d61855275f72e5dbe8f0789fa052b78fb96bc7aeee7f0221aed015222a104896212033ed1
imagex-fmt
png2png
timing-allow-origin
*
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BB1F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI90GbbeuZf-hHcKZrr4PkYG_4AWUmMPbc8vWgfK6EcCNtwEQASAAYH2CAR1jYS12aWRlby1wdWItOTg3MjIzMzY4OTY4OTc0NsgBBeACAKgDAZgEAKoE7wFP0LogxX22GGNrzECCX3bInWLyJ-DLu_b0BZt_dFG_yBp7MuXg7DjoCHKs5AqD_7cZGlTxxit0k4lIX90kBJjeH12nsqZ4htrSDcdQzIZYk32HR4nbqq2Jv-Xv9X1ZDMj8j1jRExoMAtw96FmcnBxjDvnvlAe10dvRbW9Kqd0zff_1nRrvZJJOH9EP088yZvWhHCGojeqW6vlliqLQyuunh0FWjYmwEkmQ7lriTupeWUdEsGOl0RE6gINFemyr824gbNLiB03aeMdd71NEp9oyF-ABouM4esTMe0cLS8qQ1xxzyrvuE6e-McVyKv10veAEAYAG6J7pgJ3V2O77AaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljE6oez0_GDA_IIG2FkeC1zdWJzeW4tOTQyOTMxNjEzNDQzNDg3MPoLAggBgAwB4g0TCISciLPT8YMDFcKMywEdkcAPXNAVAYAXAQ&sigh=clvwjxPMmlU&label=show_ad&sdkv=h.3.614.1&vci=CnQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhMtMjk3OTczNTE4ODU2MjA0NDQwMhAxNzc5MTk1MzkxMDU4OTk0QOQDUh0QDyUAAOhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame BB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CbpSrbbeuZf-hHcKZrr4PkYG_4AWUmMPbc8vWgfK6EcCNtwEQASAAYH2CAR1jYS12aWRlby1wdWItOTg3MjIzMzY4OTY4OTc0NsgBBeACAKgDAZgEAKoE7AFP0LogxX22GGNrzECCX3bInWLyJ-DLu_b0BZt_dFG_yBp7MuXg7DjoCHKs5AqD_7cZGlTxxit0k4lIX90kBJjeH12nsqZ4htrSDcdQzIZYk32HR4nbqq2Jv-Xv9X1ZDMj8j1jRExoMAtw96FmcnBxjDvnvlAe10dvRbW9Kqd0zff_1nRrvZJJOH9EP088yZvWhHCGojeqW6vlliqLQyuunh0FWjYmwEkmQ7lriTupeWUdEsGOl0RE6gINFemyr824gbNLiB02YeubPA7qvxzHZbS6D0SqSCOPGjk4lUz57TW-6ajzAP79Q_TYSweAEAYAG6J7pgJ3V2O77AaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljE6oez0_GDA_IIG2FkeC1zdWJzeW4tOTQyOTMxNjEzNDQzNDg3MIAKA_oLAggBgAwB4g0TCISciLPT8YMDFcKMywEdkcAPXNAVAYAXAbIXHAoaEhRwdWItOTg3MjIzMzY4OTY4OTc0NhjMwiE&sigh=DAOs07-6SmE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSOwAvHhf_pONt7IEnfb1zRoS_RVPh7bhdqhi3Jt5agIzaYLZ2Mcf9vwZc2g4YidUeDCSCmTTVYRF37_tsGAE&vt=10&sdkv=h.3.614.1&vci=CnQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhMtMjk3OTczNTE4ODU2MjA0NDQwMhAxNzc5MTk1MzkxMDU4OTk0QOQDUh0QDyUAAOhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lrpa0dfu&c=6571869589795&slotId=3285934794897.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.5esrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie
sync.cootlogix.com/api/ Frame 932C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=vidazoo&us_privacy=1---&gdpr=0&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-82936826-9fe8-451e-b84d-303146b39ef7-005?redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dunruly%26userId%3DRX-82936826-9fe8-451e-...
  • https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-82936826-9fe8-451e-b84d-303146b39ef7-005&us_privacy=1---
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-82936826-9fe8-451e-b84d-303146b39ef7-005&us_privacy=1---
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-82936826-9fe8-451e-b84d-303146b39ef7-005&us_privacy=1---
date
Mon, 22 Jan 2024 18:43:58 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX829368269fe8451eb84d303146b39ef7005
content-type
text/html
toutiao.mp4
v16-ad.byteoversea.com/e1d814a8ff15e98edf3fd74b26b51670/65aed93e/video/tos/alisg/tos-alisg-ve-0051c001-sg/oUIKEQBRNteiAunku8OVb0le3YoDDDCgQjrgBQ/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://v16-ad.byteoversea.com/e1d814a8ff15e98edf3fd74b26b51670/65aed93e/video/tos/alisg/tos-alisg-ve-0051c001-sg/oUIKEQBRNteiAunku8OVb0le3YoDDDCgQjrgBQ/toutiao.mp4
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.216.30 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-218-216-30.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
d7fd6a7951df870678f2259596df401332b837b5e92b15b7b8d74ea8ac73890d

Request headers

Referer
https://www.5esrd.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

X-Akamai-Request-ID
4834ff86
Date
Mon, 22 Jan 2024 18:43:58 GMT
X-Expires-MS
1686812404336
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
X-Cache
TCP_HIT from a23-222-0-30.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
X-Bdcdn-Cache-Status
TCP_MISS
Content-Range
bytes 0-2379681/2379682
X-Tos-Storage-Class
STANDARD
X-Parent-Response-Time
3,23.61.252.198, 451,23.202.158.141
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0
Content-Length
2379682
X-Storagegw-Request-Id
02168681240321500000000000000000000ffff0afb4857bedcdf
Last-Modified
Thu, 15 Jun 2023 06:56:11 GMT
Server
openresty
ETag
"f6f714d776e6d1501ff9442a9a52fb2a"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
X-Storagegw-Response-Time
Thu, 15 Jun 2023 07:00:03 GMT
Cache-Control
max-age=5184000
X-Origin-Response-Time
235,23.61.252.198
Accept-Ranges
bytes
SPug
simage4.pubmatic.com/AdServer/ Frame 13CC 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 07:20:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
log
c21lg-d.media.net/ Frame 2927 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=400cfe9a-3449-40dd-8eee-08e1431cc2f4&cs=15&vsid=3489506357034093000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.172.23 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-172-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:58 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 22 Jan 2024 18:43:58 GMT
async_usersync
ib.adnxs.com/ Frame DE9B 		0
759 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
an-x-request-uuid
e877c511-bae6-4a29-a779-18c9230021ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
sync.cootlogix.com/api/ Frame 932C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?cc=1&id=4241c706-9fd2-4ae4-b2d7-c9f8d34e773c&ph=f4cc9fb1-057b-4e7a-b393-325ee9109574&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcoo...
  • https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=19a03e87-ab8b-0dc5-21c9-79f7fc0f4635&gdpr=0&gdpr_consent=&us_privacy=1---
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=19a03e87-ab8b-0dc5-21c9-79f7fc0f4635&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:58 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

date
Mon, 22 Jan 2024 18:43:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=19a03e87-ab8b-0dc5-21c9-79f7fc0f4635&gdpr=0&gdpr_consent=&us_privacy=1---
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame BB1F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lrpa0e2r&c=6571869589795&slotId=3285934794897.5&qqid=CL-MibPT8YMDFcKMywEdkcAPXA&gqid=bbeuZenQG4vPrr4Pp4e9sAg&fb=ima_html5-lima&sdkv=h.3.614.1&ppt=openplayerjs&ppv=3.0.0&mrd=4&aab=1&itv=1&gpm_i=1&gpm_c=1&gpm_a=1&smb=Infinity&mt=video%2Fmp4&vs=720x720&ua_e=1&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.614.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c0f::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A54B 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c4afe58a356aaa6da8fb03d6c4429a88f0a7f92406e423955ba496109c495ce9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 14:52:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72563
Connection
keep-alive
Content-Length
10965
Expires
Tue, 23 Jan 2024 14:53:21 GMT
usync.js
eus.rubiconproject.com/ Frame 5AB9 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c4afe58a356aaa6da8fb03d6c4429a88f0a7f92406e423955ba496109c495ce9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 14:52:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72563
Connection
keep-alive
Content-Length
10965
Expires
Tue, 23 Jan 2024 14:53:21 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BB1F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI90GbbeuZf-hHcKZrr4PkYG_4AWUmMPbc8vWgfK6EcCNtwEQASAAYH2CAR1jYS12aWRlby1wdWItOTg3MjIzMzY4OTY4OTc0NsgBBeACAKgDAZgEAKoE7wFP0LogxX22GGNrzECCX3bInWLyJ-DLu_b0BZt_dFG_yBp7MuXg7DjoCHKs5AqD_7cZGlTxxit0k4lIX90kBJjeH12nsqZ4htrSDcdQzIZYk32HR4nbqq2Jv-Xv9X1ZDMj8j1jRExoMAtw96FmcnBxjDvnvlAe10dvRbW9Kqd0zff_1nRrvZJJOH9EP088yZvWhHCGojeqW6vlliqLQyuunh0FWjYmwEkmQ7lriTupeWUdEsGOl0RE6gINFemyr824gbNLiB03aeMdd71NEp9oyF-ABouM4esTMe0cLS8qQ1xxzyrvuE6e-McVyKv10veAEAYAG6J7pgJ3V2O77AaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljE6oez0_GDA_IIG2FkeC1zdWJzeW4tOTQyOTMxNjEzNDQzNDg3MPoLAggBgAwB4g0TCISciLPT8YMDFcKMywEdkcAPXNAVAYAXAQ&sigh=clvwjxPMmlU&label=video_ad_loaded&sdkv=h.3.614.1&vci=CpgBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTLTI5Nzk3MzUxODg1NjIwNDQ0MDIQMTc3OTE5NTM5MTA1ODk5NEDkA1IdEA8lAADoQSgBOgd1bmtub3duQgd1bmtub3duUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
ipds.adrta.com/ Frame BB1F
Redirect Chain
  • https://adrta.com/i?kv26=WINDOWS&kv2=https%3A%2F%2Fwww.5esrd.com&paid=pngl&kv15=CA&kv11=61135p2C4t_qca1vqyKY3z8hIXvAu7217&kv12=945271561&caid=1775542441621505&kv3=8e6b5b7df24a06af5761947d22d94188&k...
  • https://ipds.adrta.com/i?__x=GKKFGCIHKDI@HBGPNJNEFLKJMMIJFGNOFBIMFJNLPEJPONG@KLILMGFFHKLFMOFHHNMBFNHKOINHJMPPHAJIHKFNMLJFLKLGJQLKN@INELQJOEHPPMICFAE@H&kv26=WINDOWS&kv2=https%3A%2F%2Fwww.5esrd.com&p...
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipds.adrta.com/i?__x=GKKFGCIHKDI@HBGPNJNEFLKJMMIJFGNOFBIMFJNLPEJPONG@KLILMGFFHKLFMOFHHNMBFNHKOINHJMPPHAJIHKFNMLJFLKLGJQLKN@INELQJOEHPPMICFAE@H&kv26=WINDOWS&kv2=https%3A%2F%2Fwww.5esrd.com&paid=pngl&kv15=CA&kv11=61135p2C4t_qca1vqyKY3z8hIXvAu7217&kv12=945271561&caid=1775542441621505&kv3=8e6b5b7df24a06af5761947d22d94188&kv10=&kv17=-106.350&kv28=_&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&clid=bd&plid=1779195391058994&kv16=56.130&avid=7234043075373350914&publisherId=39496&kv4=2001%3A4958%3A1420%3A%3A&kv24=web
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
2600:1f18:26d4:7e06:d45b:472a:259a:8fe2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 Jan 2024 18:43:59 GMT
cache-control
no-cache
server
nginx
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://ipds.adrta.com/i?__x=GKKFGCIHKDI@HBGPNJNEFLKJMMIJFGNOFBIMFJNLPEJPONG@KLILMGFFHKLFMOFHHNMBFNHKOINHJMPPHAJIHKFNMLJFLKLGJQLKN@INELQJOEHPPMICFAE@H&kv26=WINDOWS&kv2=https%3A%2F%2Fwww.5esrd.com&paid=pngl&kv15=CA&kv11=61135p2C4t_qca1vqyKY3z8hIXvAu7217&kv12=945271561&caid=1775542441621505&kv3=8e6b5b7df24a06af5761947d22d94188&kv10=&kv17=-106.350&kv28=_&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&clid=bd&plid=1779195391058994&kv16=56.130&avid=7234043075373350914&publisherId=39496&kv4=2001%3A4958%3A1420%3A%3A&kv24=web
date
Mon, 22 Jan 2024 18:43:58 GMT
server
nginx
content-length
0
/
api16-event-va.pangle.io/api/ad/union/show_event/ Frame BB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api16-event-va.pangle.io/api/ad/union/show_event/?req_id=2C4t_qca1vqyKY3z8hIXvAu7217&ttdsp_adx_index=107&extra=medY%2BRuEFn73eLgcECmRyuAIZa9P4Qxrc8d%2F4t4FYk4SmXp0D5DFdbpP12jigZTIvekeNhiiuX%2BSffHgx6qbBdVmLNzz%2F5n1%2F%2BPKFDnKdECo9RpU%2B4bcdFwdYINnUOoRxwBgWpl0m%2Fi5kt0msxLVAe1P7XYtI13jRocpcj9VzjeriZG%2BwhT2si4BAk%2FRpqcHlsKQi41Lf0%2BPOh70n5PGScHa4EkE73yojOQ%2B%2BNhrYOycJvhS%2BYk1t75Q4NE0h7ut6IweVSlJutRdBAkihyBhvpiO%2BdFK5L49wxxS4MNX95QgMsp2kyUW2yYM5ib5OlJf6UniC%2BGOQAtG4aQg7fwOFCm%2Fh6IZlbv4ejUFyRHBgejqFD7Z8jIhVfwT6iJ%2FlaC5DOJpgMpXP696NZxqfCjPVLTzpCuKqGto0%2BLQs0UXb2gpv0gGZv3uQPPZOAl%2FskYUygUz%2FxVeHWNltRT3Nnb4CUMPwGMjaLhjCE62hs3k9las9m4FTjPtSn7FibzUuaoFL21qJ5PCWHlLXO9JwKJ0mVJzllFwtxNQU9nzTz6%2BjDUPB67cywyCwDE%2FfwEBEhszwGZjOwRh3LKrVtnotl4hoKtP6BsCm%2Bz8WsxWUBdFlr7B3%2FH0sFAZBs43C7pUs8%2BBjczBo1tMa6Iu%2Bhlw8xZeDgyCWWX1VeRWxdvjLw783bkWJ4%2FDqkcudkCihLap2ksJRgE2Asqw5HRXHcCrNaJRNj%2BdUKW%2Fov1Pzfx%2BlzhiPgRPNMcORwOAWeEVN0XDQu3oImx22IDHSp7NsUKD%2BQX%2FNpkYM%2FgmlMEk%2Bkx1NxmCtIzGu4CRH9vSLsnWWneJRms2NtZblcqjDrkOdAroP35j%2BS4nHZM%2BZCUg0W3DeOgujD0HuNfqxnP%2FSdTSwNsJ8OiMlrzJ6QlW0bkEQEU3BvsJBzqtU7HyrFiyFm%2B7yraoB0Wfsyt42fUqnf42WfoYia61czONCppE8Z2Ahpp4cIVjU1xNkopHw%2FUSfvyfHeNWSm1mn1f43BvyA9gIEhcDJHOj&source_type=1&pack_time=1705949037.74&use_pb=1&openrtb_adx_id=107&pc=ozNVTnuC6KJpGPRLjs1kNWafV%2FjcG%2FID2AgSFwMkc6M%3D&ttdsp_price=Za63bQAHUP8By4zCAA_AkSebZAZ0f-v1LUtgwA
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.76 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
adview
pubads.g.doubleclick.net/pagead/ Frame BB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CbpSrbbeuZf-hHcKZrr4PkYG_4AWUmMPbc8vWgfK6EcCNtwEQASAAYH2CAR1jYS12aWRlby1wdWItOTg3MjIzMzY4OTY4OTc0NsgBBeACAKgDAZgEAKoE7AFP0LogxX22GGNrzECCX3bInWLyJ-DLu_b0BZt_dFG_yBp7MuXg7DjoCHKs5AqD_7cZGlTxxit0k4lIX90kBJjeH12nsqZ4htrSDcdQzIZYk32HR4nbqq2Jv-Xv9X1ZDMj8j1jRExoMAtw96FmcnBxjDvnvlAe10dvRbW9Kqd0zff_1nRrvZJJOH9EP088yZvWhHCGojeqW6vlliqLQyuunh0FWjYmwEkmQ7lriTupeWUdEsGOl0RE6gINFemyr824gbNLiB02YeubPA7qvxzHZbS6D0SqSCOPGjk4lUz57TW-6ajzAP79Q_TYSweAEAYAG6J7pgJ3V2O77AaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljE6oez0_GDA_IIG2FkeC1zdWJzeW4tOTQyOTMxNjEzNDQzNDg3MIAKA_oLAggBgAwB4g0TCISciLPT8YMDFcKMywEdkcAPXNAVAYAXAbIXHAoaEhRwdWItOTg3MjIzMzY4OTY4OTc0NhjMwiE&sigh=DAOs07-6SmE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSOwAvHhf_pONt7IEnfb1zRoS_RVPh7bhdqhi3Jt5agIzaYLZ2Mcf9vwZc2g4YidUeDCSCmTTVYRF37_tsGAE&sdkv=h.3.614.1
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BB1F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI90GbbeuZf-hHcKZrr4PkYG_4AWUmMPbc8vWgfK6EcCNtwEQASAAYH2CAR1jYS12aWRlby1wdWItOTg3MjIzMzY4OTY4OTc0NsgBBeACAKgDAZgEAKoE7wFP0LogxX22GGNrzECCX3bInWLyJ-DLu_b0BZt_dFG_yBp7MuXg7DjoCHKs5AqD_7cZGlTxxit0k4lIX90kBJjeH12nsqZ4htrSDcdQzIZYk32HR4nbqq2Jv-Xv9X1ZDMj8j1jRExoMAtw96FmcnBxjDvnvlAe10dvRbW9Kqd0zff_1nRrvZJJOH9EP088yZvWhHCGojeqW6vlliqLQyuunh0FWjYmwEkmQ7lriTupeWUdEsGOl0RE6gINFemyr824gbNLiB03aeMdd71NEp9oyF-ABouM4esTMe0cLS8qQ1xxzyrvuE6e-McVyKv10veAEAYAG6J7pgJ3V2O77AaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljE6oez0_GDA_IIG2FkeC1zdWJzeW4tOTQyOTMxNjEzNDQzNDg3MPoLAggBgAwB4g0TCISciLPT8YMDFcKMywEdkcAPXNAVAYAXAQ&sigh=clvwjxPMmlU&label=vast_creativeview&ad_mt=0&sdkv=h.3.614.1&vci=CpsBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTLTI5Nzk3MzUxODg1NjIwNDQ0MDIQMTc3OTE5NTM5MTA1ODk5NEDkA1IgEA8lAADoQSgBOgd1bmtub3duQgd1bmtub3duSPMEUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api16-event-va.pangle.io/api/ad/union/event_report/ Frame BB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api16-event-va.pangle.io/api/ad/union/event_report/?event_type=4&extra=medY%2BRuEFn73eLgcECmRyuAIZa9P4Qxrc8d%2F4t4FYk4SmXp0D5DFdbpP12jigZTIvekeNhiiuX%2BSffHgx6qbBdVmLNzz%2F5n1%2F%2BPKFDnKdECo9RpU%2B4bcdFwdYINnUOoRxwBgWpl0m%2Fi5kt0msxLVAe1P7XYtI13jRocpcj9VzjeriZG%2BwhT2si4BAk%2FRpqcHlsKQi41Lf0%2BPOh70n5PGScHa4EkE73yojOQ%2B%2BNhrYOycJvhS%2BYk1t75Q4NE0h7ut6IweVSlJutRdBAkihyBhvpiO%2BdFK5L49wxxS4MNX95QgMsp2kyUW2yYM5ib5OlJf6UniC%2BGOQAtG4aQg7fwOFCm%2Fh6IZlbv4ejUFyRHBgejqFD7Z8jIhVfwT6iJ%2FlaC5DOJpgMpXP696NZxqfCjPVLTzpCuKqGto0%2BLQs0UXb2gpv0gGZv3uQPPZOAl%2FskYUygUz%2FxVeHWNltRT3Nnb4CUMPwGMjaLhjCE62hs3k9las9m4FTjPtSn7FibzUuaoFL21qJ5PCWHlLXO9JwKJ0mVJzllFwtxNQU9nzTz6%2BjDUPB67cywyCwDE%2FfwEBEhszwGZjOwRh3LKrVtnotl4hoKtP6BsCm%2Bz8WsxWUBdFlr7B3%2FH0sFAZBs43C7pUs8%2BBjczBo1tMa6Iu%2Bhlw8xZeDgyCWWX1VeRWxdvjLw783bkWJ4%2FDqkcudkCihLap2ksJRgE2Asqw5HRXHcCrNaJRNj%2BdUKW%2Fov1Pzfx%2BlzhiPgRPNMcORwOAWeEVN0XDQu3oImx22IDHSp7NsUKD%2BQX%2FNpkYM%2FgmlMEk%2Bkx1NxmCtIzGu4CRH9vSLsnWWneJRms2NtZblcqjDrkOdAroP35j%2BS4nHZM%2BZCUg0W3DeOgujD0HuNfqxnP%2FSdTSwNsJ8OiMlrzJ6QlW0bkEQEU3BvsJBzqtU7HyrFiyFm%2B7yraoB0Wfsyt42fUqnf42WfoYia61czONCppE8Z2Ahpp4cIVjU1xNkopHw%2FUSfvyfHeNWSm1mn1f43BvyA9gIEhcDJHOj&video_play_time=0&use_pb=1
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.76 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BB1F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI90GbbeuZf-hHcKZrr4PkYG_4AWUmMPbc8vWgfK6EcCNtwEQASAAYH2CAR1jYS12aWRlby1wdWItOTg3MjIzMzY4OTY4OTc0NsgBBeACAKgDAZgEAKoE7wFP0LogxX22GGNrzECCX3bInWLyJ-DLu_b0BZt_dFG_yBp7MuXg7DjoCHKs5AqD_7cZGlTxxit0k4lIX90kBJjeH12nsqZ4htrSDcdQzIZYk32HR4nbqq2Jv-Xv9X1ZDMj8j1jRExoMAtw96FmcnBxjDvnvlAe10dvRbW9Kqd0zff_1nRrvZJJOH9EP088yZvWhHCGojeqW6vlliqLQyuunh0FWjYmwEkmQ7lriTupeWUdEsGOl0RE6gINFemyr824gbNLiB03aeMdd71NEp9oyF-ABouM4esTMe0cLS8qQ1xxzyrvuE6e-McVyKv10veAEAYAG6J7pgJ3V2O77AaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljE6oez0_GDA_IIG2FkeC1zdWJzeW4tOTQyOTMxNjEzNDQzNDg3MPoLAggBgAwB4g0TCISciLPT8YMDFcKMywEdkcAPXNAVAYAXAQ&sigh=clvwjxPMmlU&label=part2viewed&ad_mt=0&sdkv=h.3.614.1&vci=CpsBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTLTI5Nzk3MzUxODg1NjIwNDQ0MDIQMTc3OTE5NTM5MTA1ODk5NEDkA1IgEA8lAADoQSgBOgd1bmtub3duQgd1bmtub3duSPMEUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api16-event-va.pangle.io/api/ad/union/event_report/ Frame BB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api16-event-va.pangle.io/api/ad/union/event_report/?event_type=25&extra=medY%2BRuEFn73eLgcECmRyuAIZa9P4Qxrc8d%2F4t4FYk4SmXp0D5DFdbpP12jigZTIvekeNhiiuX%2BSffHgx6qbBdVmLNzz%2F5n1%2F%2BPKFDnKdECo9RpU%2B4bcdFwdYINnUOoRxwBgWpl0m%2Fi5kt0msxLVAe1P7XYtI13jRocpcj9VzjeriZG%2BwhT2si4BAk%2FRpqcHlsKQi41Lf0%2BPOh70n5PGScHa4EkE73yojOQ%2B%2BNhrYOycJvhS%2BYk1t75Q4NE0h7ut6IweVSlJutRdBAkihyBhvpiO%2BdFK5L49wxxS4MNX95QgMsp2kyUW2yYM5ib5OlJf6UniC%2BGOQAtG4aQg7fwOFCm%2Fh6IZlbv4ejUFyRHBgejqFD7Z8jIhVfwT6iJ%2FlaC5DOJpgMpXP696NZxqfCjPVLTzpCuKqGto0%2BLQs0UXb2gpv0gGZv3uQPPZOAl%2FskYUygUz%2FxVeHWNltRT3Nnb4CUMPwGMjaLhjCE62hs3k9las9m4FTjPtSn7FibzUuaoFL21qJ5PCWHlLXO9JwKJ0mVJzllFwtxNQU9nzTz6%2BjDUPB67cywyCwDE%2FfwEBEhszwGZjOwRh3LKrVtnotl4hoKtP6BsCm%2Bz8WsxWUBdFlr7B3%2FH0sFAZBs43C7pUs8%2BBjczBo1tMa6Iu%2Bhlw8xZeDgyCWWX1VeRWxdvjLw783bkWJ4%2FDqkcudkCihLap2ksJRgE2Asqw5HRXHcCrNaJRNj%2BdUKW%2Fov1Pzfx%2BlzhiPgRPNMcORwOAWeEVN0XDQu3oImx22IDHSp7NsUKD%2BQX%2FNpkYM%2FgmlMEk%2Bkx1NxmCtIzGu4CRH9vSLsnWWneJRms2NtZblcqjDrkOdAroP35j%2BS4nHZM%2BZCUg0W3DeOgujD0HuNfqxnP%2FSdTSwNsJ8OiMlrzJ6QlW0bkEQEU3BvsJBzqtU7HyrFiyFm%2B7yraoB0Wfsyt42fUqnf42WfoYia61czONCppE8Z2Ahpp4cIVjU1xNkopHw%2FUSfvyfHeNWSm1mn1f43BvyA9gIEhcDJHOj&video_play_time=0&use_pb=1
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.76 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BB1F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI90GbbeuZf-hHcKZrr4PkYG_4AWUmMPbc8vWgfK6EcCNtwEQASAAYH2CAR1jYS12aWRlby1wdWItOTg3MjIzMzY4OTY4OTc0NsgBBeACAKgDAZgEAKoE7wFP0LogxX22GGNrzECCX3bInWLyJ-DLu_b0BZt_dFG_yBp7MuXg7DjoCHKs5AqD_7cZGlTxxit0k4lIX90kBJjeH12nsqZ4htrSDcdQzIZYk32HR4nbqq2Jv-Xv9X1ZDMj8j1jRExoMAtw96FmcnBxjDvnvlAe10dvRbW9Kqd0zff_1nRrvZJJOH9EP088yZvWhHCGojeqW6vlliqLQyuunh0FWjYmwEkmQ7lriTupeWUdEsGOl0RE6gINFemyr824gbNLiB03aeMdd71NEp9oyF-ABouM4esTMe0cLS8qQ1xxzyrvuE6e-McVyKv10veAEAYAG6J7pgJ3V2O77AaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljE6oez0_GDA_IIG2FkeC1zdWJzeW4tOTQyOTMxNjEzNDQzNDg3MPoLAggBgAwB4g0TCISciLPT8YMDFcKMywEdkcAPXNAVAYAXAQ&sigh=clvwjxPMmlU&label=admute&ad_mt=0&sdkv=h.3.614.1&vci=CpsBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTLTI5Nzk3MzUxODg1NjIwNDQ0MDIQMTc3OTE5NTM5MTA1ODk5NEDkA1IgEA8lAADoQSgBOgd1bmtub3duQgd1bmtub3duSPMEUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame A54B 		7 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0ef743da9b7e7268fce5cacf31fd0f0c
Expires
0
khaos.json
token.rubiconproject.com/ Frame 5AB9 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
us
sync.go.sonobi.com/ Frame 932C 		0
0
cookie
sync.cootlogix.com/api/ Frame 5AB9
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&gdpr_consent=1---&khaos=LRPA0F1C-1G-CTBF
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPA0F1C-1G-CTBF&gdpr_consent=1---
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPA0F1C-1G-CTBF&gdpr_consent=1---
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:59 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPA0F1C-1G-CTBF&gdpr_consent=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
cksync.php
contextual.media.net/ Frame A54B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&gdpr_consent=1---&khaos=LRPA0F0Y-K-6SPU
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 18:43:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Mon, 22 Jan 2024 18:43:59 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ef743da9b7e7268fce5cacf31fd0f0c
Expires
0
pixel
cm.g.doubleclick.net/ Frame A54B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJQQTBGMFktSy02U1BV&gdpr_consent=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr_consent=1---&google_gid=CAESEDqprCS1rOv0X8fVvX6QRSg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQQTBGMFktSy02U1BV&google_push=&gdpr_consent=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQQTBGMFktSy02U1BV&google_push=&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:44:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQQTBGMFktSy02U1BV&google_push=&gdpr_consent=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A54B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=1---&dcc=t
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FWEDPEJ7G9GFMQ5G3TAM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NHRFSDGFX1C84BSTRSDX
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A54B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU2NDllNDFjYWZmNzlhMGVmNWI1OTk3OGQ0YzYyYTIxYWQ1MTc3MQ&gdpr_consent=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU2NDllNDFjYWZmNzlhMGVmNWI1OTk3OGQ0YzYyYTIxYWQ1MTc3MQ&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU2NDllNDFjYWZmNzlhMGVmNWI1OTk3OGQ0YzYyYTIxYWQ1MTc3MQ&gdpr_consent=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame A54B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr_consent=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPA0F0Y-K-6SPU&gdpr_consent=1---
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:59 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2E35B92063BB432CA640B1F00144C0C7 Ref B: YTO01EDGE0412 Ref C: 2024-01-22T18:43:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPjTaC+Dc9yS1FT81qqA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A54B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/A6Nu6FNgLplWJ5-n1momXg?csrc=&gdpr_consent=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fnbk2bRE2oKAjbg.q7PxpVVr2SzFjJv5dZ81mQ--~A&gdpr=0&gdpr_consent=1---
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fnbk2bRE2oKAjbg.q7PxpVVr2SzFjJv5dZ81mQ--~A&gdpr=0&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ef743da9b7e7268fce5cacf31fd0f0c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 22 Jan 2024 18:43:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fnbk2bRE2oKAjbg.q7PxpVVr2SzFjJv5dZ81mQ--~A&gdpr=0&gdpr_consent=1---
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A54B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=&expires=30
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ef743da9b7e7268fce5cacf31fd0f0c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&gdpr=0&gdpr_consent=&expires=30
date
Mon, 22 Jan 2024 18:43:59 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame A54B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr_consent=1---
  • https://s.amazon-adsystem.com/ecm3?id=LRPA0F0Y-K-6SPU&ex=d-rubiconproject.com&status=ok&gdpr_consent=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRPA0F0Y-K-6SPU&ex=d-rubiconproject.com&status=ok&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KG2Y8Q0CBSWQXPY75KRM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRPA0F0Y-K-6SPU&ex=d-rubiconproject.com&status=ok&gdpr_consent=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A54B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=1---&put=CAESECaZO3v3tBHXa2edIiHjGWU&google_cver=1
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=1---&put=CAESECaZO3v3tBHXa2edIiHjGWU&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:43:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=1---&put=CAESECaZO3v3tBHXa2edIiHjGWU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A54B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=1---&dcc=t
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E4MJ86A1W2J6S9VKH18Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:43:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J83TQ2R28EKMCX512MYV
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rp
match.prod.bidr.io/cookie-sync/ Frame A54B 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.82.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-82-146.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
391af5c74513a00bf1ba8d342205d66deda74c2f8d2a265816a1786423ddaf1f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 18:43:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
22
content-type
text/plain
cksync
hb.yahoo.net/ Frame A54B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRPA0F0Y-K-6SPU&redir=true&gdpr_consent=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRPA0F0Y-K-6SPU&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1oZnh4bE14RTJ1SEN6a0JZZm9LRkVYUXV3VEtld1lEa35B&ovsid=LRPA0F0Y-K-6SPU&dpid=58160
0
0
setuid
ib.adnxs.com/prebid/ Frame A54B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr_consent=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:44:00 GMT
an-x-request-uuid
e8adf9b7-cea1-4f99-8690-23e4a7ce7bac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ef743da9b7e7268fce5cacf31fd0f0c
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame A54B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr_consent=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRPA0F0Y-K-6SPU&gdpr_consent=1---
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:44:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A54B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr_consent=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRPA0F0Y-K-6SPU
0
0
merge
ce.lijit.com/ Frame A54B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr_consent=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 18:44:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LRPA0F0Y-K-6SPU&gdpr_consent=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A54B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr_consent=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b6cdda2-ebe1-48ad-8cff-faacb5f8f63d&expires=30&gdpr_consent=1---
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b6cdda2-ebe1-48ad-8cff-faacb5f8f63d&expires=30&gdpr_consent=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6b6cdda2-ebe1-48ad-8cff-faacb5f8f63d&expires=30&gdpr_consent=1---
Date
Mon, 22 Jan 2024 18:44:00 GMT
Connection
keep-alive
X-CI-RTID
5254e2b2-f719-47c3-b98f-81459c24677e
Content-Length
166
Content-Type
text/html; charset=utf-8
cookie
sync.cootlogix.com/api/ Frame 932C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=TAEWcTBw&gdpr=0&gdpr_consent=
  • https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d6630e4d-4a2d-4525-a2ce-0b6de149f6df&gdpr=0
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d6630e4d-4a2d-4525-a2ce-0b6de149f6df&gdpr=0
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:43:59 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d6630e4d-4a2d-4525-a2ce-0b6de149f6df&gdpr=0
date
Mon, 22 Jan 2024 18:43:59 GMT
content-length
0
cookie
sync.cootlogix.com/api/ Frame 932C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---?gdpr=0&gdpr_conse...
  • https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&us_privacy=1---
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
134.209.126.4 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:44:00 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Location
https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Mon, 22 Jan 2024 18:43:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Shopify-Sans-Bold.woff
s0.2mdn.net/sadbundle/873199182112882688/ Frame F948 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/873199182112882688/Shopify-Sans-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/873199182112882688/adStyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
a7311fbbf26ad1c83a0c5c9011dddd129a09587efdf41e2b76b87b602b50a566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/873199182112882688/adStyle.css
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 12:03:12 GMT
date
Mon, 22 Jan 2024 12:03:12 GMT
x-content-type-options
nosniff
age
24048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55776
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 02:25:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PugMaster
image6.pubmatic.com/AdServer/ Frame D009 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53765097&p=156737&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9f48bb02f034e2e6ea4edaec5c87fec945e88790d31991013cba3ccd2399fd20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 18:44:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 66E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5264239699130614520&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5264239699130614520&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
327680a0-f50d-4277-a7ba-ca6647ff4ffe
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 18:44:00 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5264239699130614520&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9166
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=324ac73e-b956-11ee-b644-b7871f57e117
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=324ac73e-b956-11ee-b644-b7871f57e117
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 22 Jan 2024 18:44:00 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=324ac73e-b956-11ee-b644-b7871f57e117
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
cookie-sync
match.prod.bidr.io/ Frame 64A3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZl9rN0xYVzhBQUJNYU5BRU02Zw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AABf_k7LXW8AABMaNAEM6g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame BF8E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za63cAAQSQ9NFAAM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 22 Jan 2024 18:44:00 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4555-YYZ
x-timer
S1705949041.803055,VS0,VE20

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 22 Jan 2024 18:44:00 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za63cAAQSQ9NFAAM
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4555-YYZ
x-timer
S1705949041.594787,VS0,VE21
141
match.deepintent.com/usersync/ Frame F139 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Mon, 22 Jan 2024 18:44:00 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 293A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=8a89f9fd-b677-403c-8636-e2645c1e8c32&expires=1&user_group=2&ssp=pubmatic&bsw_param=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame B20C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=05K1AIeQ4gHIxe0B0sL5VobGtlXIk-MA05BWtB4x
42 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=05K1AIeQ4gHIxe0B0sL5VobGtlXIk-MA05BWtB4x
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 22 Jan 2024 18:44:00 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=05K1AIeQ4gHIxe0B0sL5VobGtlXIk-MA05BWtB4x
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame E2F6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7NgiJul1RrZh45&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7NgiJul1RrZh45&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 22 Jan 2024 18:43:59 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7NgiJul1RrZh45&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-07d53000674f7cfc8@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
insync
thrtle.com/ Frame D009
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7359040-831C-4C53-8F3D-3E61AAF82C32&vxii_pid=12&vxii_pid1=10067&vxii_rcid=710a6a01-0773-4996-a27b-96cd96c33680
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7359040-831C-4C53-8F3D-3E61AAF82C32&vxii_pid=12&vxii_pid1=10067&vxii_rcid=710a6a01-0773-4996-a27b-96cd96c33680
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
34.234.28.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 22 Jan 2024 18:44:01 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7359040-831C-4C53-8F3D-3E61AAF82C32&vxii_pid=12&vxii_pid1=10067&vxii_rcid=710a6a01-0773-4996-a27b-96cd96c33680
date
Mon, 22 Jan 2024 18:44:00 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame D009 		0
0
Martin
crb.kargo.com/api/v1/dsync/ Frame D009 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.34.250 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:44:00 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame D009 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.192.2 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 22 Jan 2024 18:44:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D009
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D7359040-831C-4C53-8F3D-3E61AAF82C32&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jCv1tqVE2uU7H59qas5INHhIhQfmzDQ-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jCv1tqVE2uU7H59qas5INHhIhQfmzDQ-~A&gdpr=0
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 07:23:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jCv1tqVE2uU7H59qas5INHhIhQfmzDQ-~A&gdpr=0
date
Mon, 22 Jan 2024 18:44:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D009
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8810df01-36ca-42ca-8d7f-8b9d2a1b9311&gdpr=0&gdpr_consent=
1 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8810df01-36ca-42ca-8d7f-8b9d2a1b9311&gdpr=0&gdpr_consent=
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 18:44:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8810df01-36ca-42ca-8d7f-8b9d2a1b9311&gdpr=0&gdpr_consent=
Date
Mon, 22 Jan 2024 18:44:00 GMT
Connection
keep-alive
X-CI-RTID
a9fd9a05-eaee-4482-a870-eb16e6d8d02a
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame D009
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035440&nuid=D7359040-831C-4C53-8F3D-3E61AAF82C32&...
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035440&nuid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr_consent=&gdpr=0
Requested by
Host: www.5esrd.com
URL: https://www.5esrd.com/
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 18:44:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELJbVrWLrRsAJkoiPWAQEBAQE&expiration=1706035440&nuid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame D009
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=27c0b7aa-ed19-4030-84dc-1a54ef7b188b-65aeb770-5553&gdpr=0&gdpr_consent=
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3168 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50840399&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dpba%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
12ff2e331bc16011be69c859fab26946c42f4b10681b151cf9110a83f09b9e62

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 18:44:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame BE95 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BE8F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eWKhpx5YUWtHALyFbQLb_aYAzQQ&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 12CA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dpba%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:44:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:44:00 GMT
expires
Mon, 22 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1479732
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 3165
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156191064515
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156191064515
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dpba%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 Jan 2024 18:43:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 22 Jan 2024 18:44:01 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156191064515
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
a.tribalfusion.com/ Frame E1BE 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 1C29
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU70a0bce6039d4daca1e59f3959e90c3e
0
0
/
csync.loopme.me/ Frame 768D 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 9FCE 		0
0
tum
ums.acuityplatform.com/ Frame 221C 		0
0
img
sync.mathtag.com/sync/ Frame 2AC5 		0
0
pubmatic
gocm.c.appier.net/ Frame 3B6C 		0
0
img
sync.mathtag.com/sync/ Frame C630
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7524496074
0
0
cm
ipac.ctnsnet.com/int/ Frame 2644 		0
0
pub
matching.truffle.bid/sync/ Frame 5B48 		0
0
cookiesync
core.iprom.net/ Frame BE04 		0
0
epm
px.owneriq.net/ Frame DA36 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame FED1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D&gdpr=0&gdpr_consent=
0
0
cksync.php
contextual.media.net/ Frame C1F5 		57 B
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=pba&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=D7359040-831C-4C53-8F3D-3E61AAF82C32
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3489506357034093000V10%26type%3Dpba%26refUrl%3D%26vid%3D59490375393489506357034093000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
57
content-type
image/gif
date
Mon, 22 Jan 2024 18:44:01 GMT
expires
Mon, 22 Jan 2024 18:44:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 3168 		0
0
sync
pippio.com/api/ Frame 3168
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=02c21282874617ffdcaf137f5574c484c39b246a02bafcb0c7caccabaeebec42791426b5417dce21&_=2
0
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=D7359040-831C-4C53-8F3D-3E61AAF82C32/gdpr=0/ Frame 3168 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 3168 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:44:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 3168
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4468107433271758181&gdpr=0&gdpr_consent=&us_privacy=
0
0
sn.ashx
pmp.mxptint.net/ Frame 3168 		0
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 3168 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C550%2C2029%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.132.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-132-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:44:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3168
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=oXgCOkh_icqczsnl2wUCb6dOHmbHXQ4ixr4-8HV1R1k&pi=pubmatic&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3168
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8851619772679151664
0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 3168 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2269e3e70633569d%22%3A%2273417d48500921b44e50%7C160x600%7Cgpid%3Dnitropay-5esrd-left-lower%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.5esrd.com%2F&s=3156724a-887d-4861-8055-469f4a9b53a8&pv=b4d8da7b-76e6-48db-8c49-72da23e96215&vp=desktop&lib_name=prebid&lib_v=8.16.0&us=5&iqid=%7B%22pcid%22%3A%227fccbabb-f6ad-4753-8eee-c88b344965bc%22%2C%22pcidDate%22%3A1705949030717%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22ccfc198c-df14-4b30-9ad2-9615c80e488b%22%7D%2C%22site%22%3A%7B%22domain%22%3A%225esrd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%225esrd.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.5esrd.com%2F%22%2C%22name%22%3A%225esrd.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22272%22%2C%22246%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%2251%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2245a05309fbea865%22%3A%2273417d48500921b44e50%7C160x600%7Cgpid%3Dnitropay-5esrd-left-upper%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.5esrd.com%2F&s=8b9e682f-4ec1-4cf1-8eac-a5a141ba33ee&pv=b4d8da7b-76e6-48db-8c49-72da23e96215&vp=desktop&lib_name=prebid&lib_v=8.16.0&us=5&iqid=%7B%22pcid%22%3A%227fccbabb-f6ad-4753-8eee-c88b344965bc%22%2C%22pcidDate%22%3A1705949030717%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%223525519a-3ab1-447b-a17d-f2ec9cfeef55%22%7D%2C%22site%22%3A%7B%22domain%22%3A%225esrd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%225esrd.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.5esrd.com%2F%22%2C%22name%22%3A%225esrd.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22272%22%2C%22246%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%2251%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22624c773251955ff%22%3A%2273417d48500921b44e50%7C970x90%2C728x90%7Cgpid%3Dnitropay-5esrd-top%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.5esrd.com%2F&s=49749d8d-9a32-484d-865d-af54a11b6c19&pv=b4d8da7b-76e6-48db-8c49-72da23e96215&vp=desktop&lib_name=prebid&lib_v=8.16.0&us=5&iqid=%7B%22pcid%22%3A%227fccbabb-f6ad-4753-8eee-c88b344965bc%22%2C%22pcidDate%22%3A1705949030717%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22dc78452b-3a82-4895-b5d5-d879b1076c45%22%7D%2C%22site%22%3A%7B%22domain%22%3A%225esrd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%225esrd.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.5esrd.com%2F%22%2C%22name%22%3A%225esrd.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22272%22%2C%22246%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%2251%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2277b449aae7f885%22%3A%2273417d48500921b44e50%7C160x600%7Cgpid%3Dnitropay-5esrd-right-upper%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.5esrd.com%2F&s=ea468d2b-84c6-42d2-85a3-1592eaf45686&pv=b4d8da7b-76e6-48db-8c49-72da23e96215&vp=desktop&lib_name=prebid&lib_v=8.16.0&us=5&iqid=%7B%22pcid%22%3A%227fccbabb-f6ad-4753-8eee-c88b344965bc%22%2C%22pcidDate%22%3A1705949030717%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22aa9b0ab7-33f5-4b03-8713-56350446e8e5%22%7D%2C%22site%22%3A%7B%22domain%22%3A%225esrd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%225esrd.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.5esrd.com%2F%22%2C%22name%22%3A%225esrd.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22272%22%2C%22246%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%2251%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221201719afbcfb6e5%22%3A%2273417d48500921b44e50%7C160x600%7Cgpid%3Dnitropay-5esrd-right-lower%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.5esrd.com%2F&s=48c959d6-70bb-4558-b1ae-b76383f55abb&pv=b4d8da7b-76e6-48db-8c49-72da23e96215&vp=desktop&lib_name=prebid&lib_v=8.16.0&us=5&iqid=%7B%22pcid%22%3A%227fccbabb-f6ad-4753-8eee-c88b344965bc%22%2C%22pcidDate%22%3A1705949030717%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%2200a4e163-a8fc-4438-8a5a-fcb2378b87a4%22%7D%2C%22site%22%3A%7B%22domain%22%3A%225esrd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%225esrd.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.5esrd.com%2F%22%2C%22name%22%3A%225esrd.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22272%22%2C%22246%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%2251%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214236dcfc72f527b%22%3A%2273417d48500921b44e50%7C300x250%2C320x50%7Cgpid%3Darticle-content-auto-1%2Cc%3Dd%2C%22%2C%2214368da7a85c3b4%22%3A%2203b4b3582d3dcb19e84c%7C300x250%7Cgpid%3Darticle-content-auto-1%2Cc%3Dv%2Cpm%3D2%2Cp%3D2%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fwww.5esrd.com%2F&s=8d26ab5d-51cf-4c3d-b9c4-117a74cda8ed&pv=b4d8da7b-76e6-48db-8c49-72da23e96215&vp=desktop&lib_name=prebid&lib_v=8.16.0&us=5&iqid=%7B%22pcid%22%3A%227fccbabb-f6ad-4753-8eee-c88b344965bc%22%2C%22pcidDate%22%3A1705949030717%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22af8b4ef0-0380-460a-8b6b-6b9492ad5cb7%22%7D%2C%22site%22%3A%7B%22domain%22%3A%225esrd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%225esrd.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.5esrd.com%2F%22%2C%22name%22%3A%225esrd.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22272%22%2C%22246%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%2251%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
nitropay-102.b-cdn.net
URL
https://nitropay-102.b-cdn.net/70a299e8cc4e4e90a561b586f34175ba/manifest.mpd
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22169b45565236becb%22%3A%2203b4b3582d3dcb19e84c%7C230x141%7Cgpid%3Dnitropay-5esrd-video%2Cc%3Dv%2Cpm%3D6%2Cp%3D5%2Cpl%3D2%2C%22%7D&ref=https%3A%2F%2Fwww.5esrd.com%2F&s=9672cc79-d976-49ce-8ccf-60cce278ca7d&pv=b4d8da7b-76e6-48db-8c49-72da23e96215&vp=desktop&lib_name=prebid&lib_v=8.16.0&us=5&iqid=%7B%22pcid%22%3A%227fccbabb-f6ad-4753-8eee-c88b344965bc%22%2C%22pcidDate%22%3A1705949030717%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%2249210398-1aee-45f7-b5e6-fe9d79b9d7d3%22%7D%2C%22site%22%3A%7B%22domain%22%3A%225esrd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%225esrd.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.5esrd.com%2F%22%2C%22name%22%3A%225esrd.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22272%22%2C%22246%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%2251%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e2eb1d8d-7f87-423d-9c7d-8d4b355e167b%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3489506357034093000V10&type=son&refUrl=&vid=59490375393489506357034093000V10&axid_e=&ovsid=[UID]
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%5BUID%5D
Domain
hb.yahoo.net
URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1oZnh4bE14RTJ1SEN6a0JZZm9LRkVYUXV3VEtld1lEa35B&ovsid=LRPA0F0Y-K-6SPU&dpid=58160
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRPA0F0Y-K-6SPU
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99ac63e3-e16d-4a63-aae4-f6f4e132d491&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=27c0b7aa-ed19-4030-84dc-1a54ef7b188b-65aeb770-5553&gdpr=0&gdpr_consent=
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eWKhpx5YUWtHALyFbQLb_aYAzQQ&gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU70a0bce6039d4daca1e59f3959e90c3e
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=6
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7524496074
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Domain
matching.truffle.bid
URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
px.owneriq.net
URL
https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F66180D3274469DA5E9643B9D81CE1D&gdpr=0&gdpr_consent=
Domain
synchroscript.deliveryengine.adswizz.com
URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=D7359040-831C-4C53-8F3D-3E61AAF82C32&gdpr=0&gdpr_consent=
Domain
pippio.com
URL
https://pippio.com/api/sync?pid=5324&it=1&iv=02c21282874617ffdcaf137f5574c484c39b246a02bafcb0c7caccabaeebec42791426b5417dce21&_=2
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=D7359040-831C-4C53-8F3D-3E61AAF82C32/gdpr=0/gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4468107433271758181&gdpr=0&gdpr_consent=&us_privacy=
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=oXgCOkh_icqczsnl2wUCb6dOHmbHXQ4ixr4-8HV1R1k&pi=pubmatic&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8851619772679151664
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| _wpemojiSettings undefined| $ function| jQuery object| jQuery1124019334300289304074 object| ognUserinfo boolean| googleadscript boolean| ognSubscriber number| ognActualWidth string| sitehost function| popupcenter function| getActualWidth function| ognCreateAdsenseSpot function| ognCreateVideoAdSpot function| ognCreateAdSpot object| nitroAds object| ads object| nads object| napbjsChunk object| napbjs object| _pbjsGlobals object| mnet object| googletag boolean| ognNitroPay function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| apstag object| Criteo function| gtag object| dataLayer object| ogn_params object| tocplus object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| wp string| cookieConsent string| cookieConsentNo object| hash object| qs object| pathname object| hostname object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal number| thisannounce string| announcetext string| lastannounce object| twemoji object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| nitroAdsCMP object| regeneratorRuntime object| __npcmp_queue function| __npcmp boolean| __npcmp_init object| dashjs function| OpenPlayer function| OpenPlayerJS object| openplayerjs object| _aps boolean| apstagLOADED object| apscustom function| ShopifyBuy object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 number| google_unique_id object| criteo_syncframe_state function| _33AcrossIdMappingsProvider boolean| __bt_already_invoked object| _google_rum_ns_ number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_13414 object| closure_lm_126658

154 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQyIPyk9MxCgoIkQIQyIPyk9MxCgoItAIQyIPyk9MxCgoI5gEQyIPyk9MxCgoIhwIQyIPyk9MxCgoItwIQyIPyk9MxCgkIOhDIg_KT0zEKCgiMAhDIg_KT0zEKCQhfEMiD8pPTMQoJCB8QyIPyk9Mx
i.liadm.com/s Name: _li_ss
Value: CgASDw2_JnLGEggKBgiUARCCFw
.nitropay.com/ Name: __cf_bm
Value: a1LRsfboEHinMDqEeTuAYdcW.3nubV3XEektGET_76s-1705949030-1-AUwp5v+HCj1kk4GWdP12aXrLdLYCc6W+CYV7pcZw0NLN2ycBM4YyznSWNzEBHYwOBOrD9QEqHIo1K2BWVshThZ8=
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 1331579128763342695977
.lijit.com/ Name: ljt_reader
Value: ICQjjBZH78sk_TbMTt-2JdYJ
.5esrd.com/ Name: _ga_YS1HY85X30
Value: GS1.1.1705949031.1.0.1705949031.0.0.0
.5esrd.com/ Name: _ga
Value: GA1.1.1616036504.1705949031
.dotomi.com/ Name: receive-cookie-deprecation
Value: 1
www.5esrd.com/ Name: PHPSESSID
Value: btg5tah5bu4daltiqor2aqfi5u
www.5esrd.com/ Name: lastannounce
Value: 90772
.dotomi.com/ Name: DotomiUser
Value: 730907408405876913$3$1705190103$$1
.cootlogix.com/ Name: vdz_sync
Value: f0ea63a0-8757-c6c4-b8d0-8826513fb920
.dotomi.com/ Name: UP
Value: 730907408405876913$3$1705190103$$1
.5esrd.com/ Name: ncmp.domain
Value: 5esrd.com
www.5esrd.com/ Name: _y
Value: 327c880d-AC61-46F2-ECCF-FB948BC76313
www.5esrd.com/ Name: _shopify_y
Value: 327c880d-AC61-46F2-ECCF-FB948BC76313
www.5esrd.com/ Name: _s
Value: 327c8815-DBE8-4BDB-E31A-76F267616045
www.5esrd.com/ Name: _shopify_s
Value: 327c8815-DBE8-4BDB-E31A-76F267616045
.amazon-adsystem.com/ Name: ad-id
Value: A7iUidfbk0I0lVKLQ5SuuwI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 5264239699130614520
.casalemedia.com/ Name: CMID
Value: Za63a9ER0Ln7WCxCRQYqhAAA
.casalemedia.com/ Name: CMPS
Value: 3641
.casalemedia.com/ Name: CMPRO
Value: 3641
.5esrd.com/ Name: __gads
Value: ID=122a1332af3f47b0:T=1705949034:RT=1705949034:S=ALNI_Ma1_PdfMEFiZrf8jbKmlENlyZR9YA
.5esrd.com/ Name: __gpi
Value: UID=00000db9363cf52e:T=1705949034:RT=1705949034:S=ALNI_MYqqeMiTJGx2tXLZ0rD3VDEwNEg2Q
.adsrvr.org/ Name: TDID
Value: 553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2
www.5esrd.com/ Name: na-unifiedid
Value: %7B%22TDID%22%3A%22553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-22T18%3A43%3A55%22%7D
www.5esrd.com/ Name: na-unifiedid_cst
Value: TyylLI8srA%3D%3D
.openx.net/ Name: i
Value: 388370bb-8d57-0984-0415-f31b298fc1a3|1705949035
.mediago.io/ Name: __mguid_
Value: 09dd4f7e6ff8e94f26kp8a00lrpa0c71
.simpli.fi/ Name: suid
Value: 3F66180D3274469DA5E9643B9D81CE1D
.contextweb.com/ Name: V
Value: td800RW9A2He
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: aeb0953eb7efb095
.media.net/ Name: visitor-id
Value: 3489506357034093000V10
.zemanta.com/ Name: zuid
Value: R6szywjTxz4ISx9CzGYb
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrI0V7IyNDcwNzS1MDM21VEyNDBCFzBGFTBC41uiaKgFALsOEL0%3D
.sharethrough.com/ Name: stx_user_id
Value: d6630e4d-4a2d-4525-a2ce-0b6de149f6df
.bidr.io/ Name: bito
Value: AABf_k7LXW8AABMaNAEM6g
.bidr.io/ Name: bitoIsSecure
Value: ok
.doubleclick.net/ Name: IDE
Value: AHWqTUmTPQZtaTycQsSUtAikA0Aj7qqx6nSfCAjaAcXNWqIRhN8wl8x21KEp3HCIfYE
.company-target.com/ Name: tuuid
Value: 0bb679ad-da5b-422b-904c-81bc7a215aaf
.company-target.com/ Name: tuuid_lu
Value: 1705949035|ix:0
.adgrx.com/ Name: ADGRX_UID
Value: 324ac73e-b956-11ee-b644-b7871f57e117
.lijit.com/ Name: _ljtrtb_92
Value: 5264239699130614520
.liadm.com/ Name: lidid
Value: 39bf75f7-8b78-4646-be33-6af46269396b
.csync.loopme.me/ Name: viewer_token
Value: 58fbe5a9-b66f-4901-b450-6160664523f2
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwbHGpn7hAoEJ1H7cXE4nQ-1IEMOOkFqCPS7qoWzYR_WY44rIWr2C6bJvpQC4TM1
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p9p|2N.0.AQELJbVrWLrRsAJkoiPWAQEBAQE|3oy.0|4is.0.CAESEH3Vy9YuvSvMavywFI3BNJc|7TY.0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D7359040-831C-4C53-8F3D-3E61AAF82C32
.openx.net/ Name: univ_id
Value: 537072971|553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2|1705949036030940
.adform.net/ Name: C
Value: 1
.adx.opera.com/ Name: UID
Value: OPU70a0bce6039d4daca1e59f3959e90c3e
.krushmedia.com/ Name: krm_usr
Value: af474310-4ad1-594e-a19b-9e4307270d46
.adform.net/ Name: uid
Value: 8851619772679151664
.lijit.com/ Name: _ljtrtb_103
Value: OPU70a0bce6039d4daca1e59f3959e90c3e
.krushmedia.com/ Name: krm_r
Value: 572|undefined
.linksynergy.com/ Name: rmuid
Value: 7c19814a-3429-4b8c-8502-64f3b33606c2
.linksynergy.com/ Name: icts
Value: 2024-01-22T18:43:56Z
.tapad.com/ Name: TapAd_TS
Value: 1705949036726
.tapad.com/ Name: TapAd_DID
Value: 9b244153-841e-453a-bde1-70992b73f94e
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECBX12YvFj5nEPZwSITg0us&KRTB&23025-CAESECBX12YvFj5nEPZwSITg0us&KRTB&23386-CAESECBX12YvFj5nEPZwSITg0us
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:3F66180D3274469DA5E9643B9D81CE1D&KRTB&23486-uid:3F66180D3274469DA5E9643B9D81CE1D&KRTB&23489-uid:3F66180D3274469DA5E9643B9D81CE1D&KRTB&23539-uid:3F66180D3274469DA5E9643B9D81CE1D
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&KRTB&22918-553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&KRTB&22926-553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2&KRTB&23031-553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2
.yahoo.com/ Name: A3
Value: d=AQABBGy3rmUCEKIvItlTWQ5ejJpPUh2sL0MFEgEBAQEIsGW4ZQAAAAAA_eMAAA&S=AQAAAoOkJKaH3PaoFaiqNbXguTc
.alcmpn.com/ Name: _3ci
Value: 33027871-b956-11ee-a08a-533201919570
.turn.com/ Name: uid
Value: 4468107433271758181
.openx.net/ Name: pd
Value: v2|1705949035.2|iyvQvNgun0.gqwksLmOgewL
.cootlogix.com/ Name: vdzj1_40c406b3
Value: 4BH12QjK4KMWIpD1hKkg7VTk5OSwCNxNSCkh%2BUnh4ZCwWclVfZV56V3t9Zn4UJ1RfMg5pGGl7Zi1EcQFZZVl4Bn9%2BNnlAdQZYNAx8Uihve2tFIgINZVpzDSgvYH4RcgFYYF0oV394M31SaBNeYl0uBXl%2FZXhIdVQKM1svB354YytBJgZKfUh9Bi0oYn4TJlUOZlgvAH5%2Bb3hDcARZYQtpGGl7ZHtBJgFRZ116BXN5YnETdQhZZQt%2BAX5vCmVSJ14dPx5pDnthdS4UNENKaxFpXTgIAmtKIlAEIg9nFiwpJztSfhNYc0ZpUy89JQofKkINPx5pDmlve2sFN2EaOBwqVzJvbWtBaRxFcxdnFjgoJDoZK19Ka0h8DXN%2BYCpHIRwKM116GSl7MX5dcQcONUd7VXIoM35BJgVcYw9pGGkuOCceIVIcOAUlfS9vbWtGdlNaNFMqAXMrYSsWc1JfZAkqVS54Mn1SaBMBIiMtRiogMmtKMEMdNBc%3D
.colossusssp.com/ Name: gtm_usr
Value: bf94023f-32db-4796-a13b-f1630153aa5a
.linkedin.com/ Name: li_sugr
Value: 82a9f44c-add4-4785-be27-ae59d332faf8
.linkedin.com/ Name: bcookie
Value: "v=2&ff874b9d-1dba-46a7-856b-0397ed63dc0f"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3159:u=1:x=1:i=1705949037:t=1706035437:v=2:sig=AQHfGPYSY_kdsPjPwb1phOreTPtSd_DN"
.bidswitch.net/ Name: c
Value: 1705949037
.bidswitch.net/ Name: tuuid_lu
Value: 1705949037
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-82936826-9fe8-451e-b84d-303146b39ef7-005%22%7D
.lijit.com/ Name: _ljtrtb_97
Value: RX-82936826-9fe8-451e-b84d-303146b39ef7-005
.lijit.com/ Name: 3pids
Value: 8105:c371f3a46a0cf80ccb6bb53ce85259a1,,15d4ef2a428572900a9e39a893452a3378ab164e,,28fbaf00ae5a4767a5f448a07706ed924ac4c72e12adcf8eddc3dd7319f80d7a,,
.media.net/ Name: data-g
Value: CAESELsv6I2zgk5eg8fVKNe2jpU~~8
.media.net/ Name: data-co
Value: AQELJbVrWLrRsAJkoiPWAQEBAQE~~8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-82936826-9fe8-451e-b84d-303146b39ef7-005%22%7D
.quantserve.com/ Name: mc
Value: 65aeb76d-b9d7e-3cab0-47e67
.media.net/ Name: data-o
Value: 2303267d-8fd0-0c93-3d8c-459dff476082~~8
.bidswitch.net/ Name: tuuid
Value: 99ac63e3-e16d-4a63-aae4-f6f4e132d491
.criteo.com/ Name: uid
Value: eff25136-4af8-4ea6-abc8-49da811f8a17
.rlcdn.com/ Name: rlas3
Value: cn4+9HEsQCZlnZp2FrO4Yn60rG8n3NtjHTyC1rA6cNs=
.creativecdn.com/ Name: u
Value: tusPQm0n7qjnITpwMizz
.creativecdn.com/ Name: g
Value: tusPQm0n7qjnITpwMizz_1705949037875
.creativecdn.com/ Name: ts
Value: 1705949037
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTO0NDQwMzE1NBXiM9QtD45MCs4wDTf0y_QDAJEtRTMlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTO0NDQwMzE1NBXiM9QtD45MCs4wDTf0y_QDAJEtRTMlAAAA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7962a1a7-1e58-516b-4700-bc856d02dbfd.Tw%2BgFhS8In5UKjFy4ynad1tzMaqi7aCvAO764WX9R5o
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7962a1a7-1e58-516b-4700-bc856d02dbfd.Tw%2BgFhS8In5UKjFy4ynad1tzMaqi7aCvAO764WX9R5o
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AeWKhpx5YUWtHALyFbQLb_aYAzQQ.YeW%2FxOOtm%2Bkqv5cGLarkf%2FDwJYHs1v3C0m3lQ4IXHFQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AeWKhpx5YUWtHALyFbQLb_aYAzQQ.YeW%2FxOOtm%2Bkqv5cGLarkf%2FDwJYHs1v3C0m3lQ4IXHFQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJ85bsj6fwdS3p5jkthfJEE2gxZPmW3l2NserUFwPyYSEHwYBCDt7rqtBjABOgQ7vvenQgQn2JP8.Z7iG00X%2BN%2FVMd6HObSzAbJQ2as%2FktqGETnuifSpaPXk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJ85bsj6fwdS3p5jkthfJEE2gxZPmW3l2NserUFwPyYSEHwYBCDt7rqtBjABOgQ7vvenQgQn2JP8.Z7iG00X%2BN%2FVMd6HObSzAbJQ2as%2FktqGETnuifSpaPXk
.w55c.net/ Name: wfivefivec
Value: j7NgiJul1RrZh45
.media.net/ Name: data-r1
Value: RX-82936826-9fe8-451e-b84d-303146b39ef7-005~~8
.rlcdn.com/ Name: pxrc
Value: CAA=
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!546-2!546
.media.net/ Name: data-c
Value: eff25136-4af8-4ea6-abc8-49da811f8a17~~1
.media.net/ Name: data-c-ts
Value: 1705949038
.media.net/ Name: data-rk
Value: 1791377156191064515~~8
.yieldmo.com/ Name: yieldmo_id
Value: VESUbiittUiZO3GX6dGv%7C1705881600000%7C0
.media.net/ Name: data-sh
Value: d6630e4d-4a2d-4525-a2ce-0b6de149f6df~~3
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-xu
Value: j7NgiJul1RrZh45~~8
.media.net/ Name: data-ze
Value: R6szywjTxz4ISx9CzGYb~~1
.media.net/ Name: data-ttd
Value: 553f9aa0-a1d8-4f75-9ba7-6afa48c3cea2~~1
.sportradarserving.com/ Name: zuuid
Value: 8afe8626-c4c1-4ba3-8d49-84dc68781890
.sportradarserving.com/ Name: c
Value: 1705949038
.sportradarserving.com/ Name: zuuid_lu
Value: 1705949038
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1705949038
.server.cpmstar.com/ Name: USER_ID
Value: %3cM%d0%a0%04%dc.%fa%1d*4%0d%c0%e7%e3
.pubmatic.com/ Name: SPugT
Value: 1705908056
.mfadsrvr.com/ Name: tuuid
Value: 376d755f-73d2-42f8-9786-f8df9b0ce467
.mfadsrvr.com/ Name: c
Value: 1705949038
.mfadsrvr.com/ Name: tuuid_lu
Value: 1705949038
.colossusssp.com/ Name: lmg_r
Value: undefined|10|67|78|58|3
pool.admedo.com/ Name: tuuid
Value: 7bc5428f-74f5-4fe2-8312-34d603a2b65e
pool.admedo.com/ Name: c
Value: 1705949038
pool.admedo.com/ Name: tuuid_lu
Value: 1705949038
.mfadsrvr.com/ Name: ssh
Value: !medianet,1705949038
.cootlogix.com/ Name: ck48wz12sqj7
Value: cGe15p53cCUZcxUd3VN0CxdGECYnEwdab0YFM30DQVQFB24xOVcceFAEYy8dRw0BAG5jP1sZNlcKMngAQlQRT2E2NQ8XJhdGJWwKUldVWndlaFAeeFcBMiwdRAIKVW40a1AaeAICYH0AQQAAAiJgO0EF
.media.net/ Name: data-bs
Value: 99ac63e3-e16d-4a63-aae4-f6f4e132d491~~1
.media.net/ Name: data-mf
Value: 376d755f-73d2-42f8-9786-f8df9b0ce467~~1
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI3vC57IPhzTwQBRIXCghwdWJtYXRpYxILCJbC6fCD4c08EAUSFAoFdGFwYWQSCwiikdj4g-HNPBAFEhYKB3N2eDl0NTASCwiIwoL6g-HNPBAFEhYKB3J1Ymljb24SCwis1L6PhOHNPBAFGAEgAigCMgsI2POasZrhzTwQBTgBWgc4bTMzems0YAI.
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LRPA0F0Y-K-6SPU
.media.net/ Name: data-r
Value: LRPA0F0Y-K-6SPU~~1
.adnxs.com/ Name: anj
Value: dTM7k!M40*fQBY/ghqdmU(7TXm97?7#?nG-N:uKgRe4r:[f-zyRnu7%2nmYR81T9AS_oEBotwOmAm>4gP-hz-mxJYo0Kc<2(EfM*dRCJKcf6X.Gn!i#HN@huD?b`sGluujFpmD#3*=]R41ii!ByG0>mc=mkiH7!P?Z/1+26#gSmzhF^PsXH%!*8IlXeB(r
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxMzMxNTc5MTI4NzYzMzQyNjk1OTc3IiwiZXhwaXJlcyI6IjIwMjQtMDQtMjFUMTg6NDM6NTdaIn0sInJ1Ymljb24iOnsidWlkIjoiTFJQQTBGMFktSy02U1BVIiwiZXhwaXJlcyI6IjIwMjQtMDQtMjFUMTg6NDQ6MDBaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMjJUMTg6NDM6NTdaIn0=
.rubiconproject.com/ Name: audit
Value: 1|QhZoZqWHP9J00HMWpqW3bgK6IuvWEc3nwyYN4rcasQGbyR+hvQt5L74aKVkot4wgC3LvnXeGUp4iZ07GJqnMnrT0MEv0F07OaPPeOixKWns7TsWXU5BfHj2MaQZ9Xp9a
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: ljtrtb
Value: eJwVykkKAkEMAMC%2F5Gwge3f8hIMgeO0l8wnx747nqg8wKdzhcbwaDZqrgjS37bEGl%2Bep6VlJSwtukHJVlzDRjExWCjYX%2BlO76PnGLqnRJTDP6mjOhbPbRiVli6lZZ0Mih%2B8PQhodYA%3D%3D
.lijit.com/ Name: _ljtrtb_80
Value: LRPA0F0Y-K-6SPU
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156737:4
.pubmatic.com/ Name: DPSync3
Value: 1705968000%3A248%7C1707091200%3A262_261_260_259_263_201%7C1706486400%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1707091200%3A3_165_104_22_5_250_21_13_71_220_166_8_54_231_55%7C1706745600%3A63%7C1706486400%3A223_15
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.adnxs.com/ Name: XANDR_PANID
Value: h7RxeZJK1ArJtAu9ZZaQ9jfN5uuuK2vfI9Jr4lQzm8VwYYMvFqGWMX5fd2dcKYxs2ABPF22asLwGhU4J6YUtACJDnk1vzOnFUXF0hhAlEC8.
.quantserve.com/ Name: d
Value: EIgBEQH7KvijCJiTAA
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2gbu
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-324ac73e-b956-11ee-b644-b7871f57e117&KRTB&23275-324ac73e-b956-11ee-b644-b7871f57e117
.pubmatic.com/ Name: PugT
Value: 1705949039

6 Console Messages

Source Level URL
Text
other warning URL: https://4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20D7359040-831C-4C53-8F3D-3E61AAF82C32&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=d6630e4d-4a2d-4525-a2ce-0b6de149f6df
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning URL: https://s.nitropay.com/ads-102.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ex.ingage.tech/v1/sync/colossus/363546c6-f8af-4f33-8c94-663c5bd45eaa?uid=bf94023f-32db-4796-a13b-f1630153aa5a
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr_consent=1---
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4cdb58000580a7f82f071736c06f008c.safeframe.googlesyndication.com
a.nitropay.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
account.opengamingnetwork.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
adrta.com
ads.pubmatic.com
ads.us.criteo.com
ads.yieldmo.com
amazon-tam-match.dotomi.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api16-event-va.pangle.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
cat.va.us.criteo.com
cdn-ima.33across.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
colossusssp.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs.krushmedia.com
cs.media.net
csi.gstatic.com
csm.us.criteo.net
csync.loopme.me
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ex.ingage.tech
fonts.gstatic.com
ggsoftware-d.openx.net
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
he.lijit.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imageproxy.us.criteo.net
imasdk.googleapis.com
ipac.ctnsnet.com
ipds.adrta.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
medianet-match.dotomi.com
monorail-edge.shopifysvc.com
nitropay-102.b-cdn.net
openrtb.cootlogix.com
p.alcmpn.com
p.rfihub.com
p16-ttam-va.ibyteimg.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.cootlogix.com
prebid.media.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.va.us.criteo.com
s.amazon-adsystem.com
s.company-target.com
s.nitropay.com
s.w.org
s0.2mdn.net
sdks.shopifycdn.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.cootlogix.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.nit.ro
tags.rd.linksynergy.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
v.nitropay.com
v16-ad.byteoversea.com
web.hb.ad.cpe.dotomi.com
www.5esrd.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.tribalfusion.com
ad.mrtnsvr.com
apex.go.sonobi.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
core.iprom.net
csync.loopme.me
gocm.c.appier.net
hb.yahoo.net
image2.pubmatic.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.prod.bidr.io
matching.truffle.bid
nitropay-102.b-cdn.net
pippio.com
pmp.mxptint.net
px.owneriq.net
simage2.pubmatic.com
sync.go.sonobi.com
sync.intentiq.com
sync.mathtag.com
synchroscript.deliveryengine.adswizz.com
ums.acuityplatform.com
us-u.openx.net
104.18.35.167
104.18.36.155
104.18.38.76
104.36.113.107
104.36.115.111
130.211.23.194
131.153.147.138
134.209.126.4
142.251.111.154
142.251.163.149
143.244.160.239
15.197.193.217
151.101.1.108
151.101.130.49
172.240.155.100
173.231.178.77
173.237.69.132
18.160.10.80
185.146.173.20
185.167.164.43
185.184.8.90
192.0.77.48
192.132.33.67
192.241.152.120
198.148.27.131
199.38.167.130
23.12.146.150
23.200.44.18
23.202.152.28
23.202.153.103
23.205.2.235
23.218.216.30
23.220.124.197
23.222.5.76
23.62.172.23
2400:52e0:1a00::1067:1
2400:52e0:1a00::718:1
2600:1f18:26d4:7e06:d45b:472a:259a:8fe2
2600:1f18:4e9:5a02:3c33:5926:76d2:8c3e
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:10::ac43:2954
2606:4700:20::ac43:4513
2606:4700:3035::ac43:c19c
2606:4700::6812:34e
2606:ae80:1451:19::1370
2606:ae80:1471:12::500
2607:f8b0:4002:c0f::5e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::95
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c17::61
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c19::9a
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1d::71
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
3.161.212.32
3.18.15.211
34.107.189.147
34.111.113.62
34.120.57.242
34.120.63.153
34.144.237.127
34.200.65.202
34.233.163.95
34.233.28.229
34.234.28.80
34.235.32.60
34.237.132.177
34.237.83.209
34.96.71.22
34.98.67.3
35.186.253.211
35.194.66.159
35.207.24.140
35.208.249.213
35.210.53.219
35.211.178.172
35.211.233.246
35.214.132.246
35.226.42.89
35.244.154.8
35.244.159.8
35.71.139.29
40.76.134.238
44.195.244.24
44.210.167.205
52.22.192.2
52.3.195.166
52.46.130.91
52.85.107.191
52.95.118.179
54.145.121.220
54.146.129.87
54.157.82.146
54.90.34.250
63.251.86.49
63.251.86.51
64.202.112.191
68.67.160.132
69.164.217.55
69.173.151.100
69.194.240.13
74.119.119.147
74.119.119.150
8.18.47.7
8.2.110.134
8.28.7.81
8.28.7.84
8.43.72.98
82.145.213.8
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
0137fd5d5321eada7cd1375a537f0f39579ac3331854cae45dcc3cefb4ccc83f
01b745685caf86b20552ffcd0e0199e6c30744035a7a5e2e26523d5cbe5211a1
02e9b4d294b44ad451eeba57019d1a6e41bd40e0913ab8183d484dbccc80d75f
03382ac2fd7fe0d58ae2f81964b332bd34dfc9cc5145a10e61cb5e776aef5e2b
03f036cfcd286826372c70e4161fe67610f9e4b04778aa1f1c45bd765ba685d8
0462e5a5daa71ff136452120c7232ee415755a2453794df0b7fb189f4b39dd48
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081cf6345ca702eb4b0c3889b85b6b0db97908547b73a3b5f476a34811e4ed4f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a73e5b3901db371fcc06ca7e8e1849390f002bfd6631e29842e1319e5d599e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0cdc366c0a50917e9f64b5732ea8279138bb889c1127c16481d0b0f4dd6cddc5
0db8b3e2f4ab7d39f93e1184fc7341e9b08d3cf69bd0816151dd80098e5da526
12ff2e331bc16011be69c859fab26946c42f4b10681b151cf9110a83f09b9e62
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17d6c4c8e44fb37c82599d9c5eb72c76d5b8b0ee57041135fdcc3e712e1eedad
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1c1ba3b2024845feed6b7820733d0af687dda5ba6bfba8c2bc75a0c8018fc626
1c22134c6e0a3e8da76ec971c8c00a2cdcaab8d7db75ea982faf2cce2d0b0caa
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
1d8e70a81e552a00a4254f6d493dbb36aecdd42d8587ea5ce9463cb077f0ee4c
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
220d44f45c176fedb1ed0ea9dc8d68d13c63d01558a0448e312af2c85efd00e3
22d5657656b5232f40d005f520f54672d4dee9add51db693d71fb7d5e94b0cc4
22ef4d1c10ffa6b9c6e743a2b6b8872bc25ba4680f139a02b36a828bef31320e
24539433fce4b27fc6c4a4c471eb078a394d562681dc15f3b7f1fc1550ab41f2
24a78517ae6a454ffaf2b26315ea2a1383d893694a28abf6ed2a4a1921b03bed
24c5e57cca2bfe6dec307f8ec7b59ef093e25a02889120bb9a40d1d908daeb8b
26d89426163cf206b5254248cde498f43b51fe89bb4aa5fba1f12ffaebdaa876
2719c149ed1b28cce6d87b2edebb10026164e1759720db03ea76e131b34512bd
278069e8c32be6913a47d3f7d8eac059e3099d066c1f1e382a6f613f8c747515
29190ff7a2219a8ee64b599316f01317434887025a4ada3d70d894719afa2d6b
29dd3dd65ecc23716091c9fa1d3c063b5cf52333b39214176b8b2c85f57ad263
2c31431957bd7f8b6934cd2c5bace03445552bba8fa9bd5e99e29dae1dc0fac3
2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3198778b9f0c39cb5e05832491297ef9471917055304f8056900b0c47370d9ac
32f864e9339d3098d0edd89674ecbde7fcd10cc5677cab6fc6c23eacd94f29b8
32fdc08e416efc18543a67a1c5a74389e5d797b5edd09e73dba83ad91c1eff5e
3313b2914d57463d0310f8a4f4a886e7d4a42fad071f128b8b41fb4e59c2081b
33bea4ef0932733163e7d94500347fec6c92b4249999a2b2d2149140132e7820
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
38c84d4eb9c10d7d6c88f407670064f6120ec6ff7dbb59d75b8cca307492f061
391af5c74513a00bf1ba8d342205d66deda74c2f8d2a265816a1786423ddaf1f
3a27166647c773fb21d29685b1ca4070255da70ece7518c1e31f4a6c59692470
3c180af1fb54463c53f8c57103a5a7733ecf24ea3ff16829db3800e2c762d21e
3c250aeb3756baae68234b38f0d9ee835cf81c52b825ff1c4d4a42b836efc35f
3d5c5de31ad9d64a23beda3d8ec60183ca3ca1d19777d15e3ef4bf42c27924a8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3de00694b79d67bd793fcdc2dc9af247f1d11f9937b7af212e7cba2d389e5c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f325dea70d549641f861837cd2f731691f3190266e182b16a65e1e8a010e23a
3f62a4acbbff9aa8522dee2631be35333fdfc666f683019923e780ce677be7b6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40459086c6383ee3b43c8a19c205bd8dd08511237d922150b242194b51d98d18
407b333d3696b6ec2fa8b618c6fd57c3efc72e7243d05a387c3b0397cde0f9e9
4144937e0db08cfe72f574dda72b1f5f08a1a70614a8faa4e8d8fac6eac1ffd2
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
447825c34846cdfd707880a9dabb190f1da402b4ebb9ef87248873dff88177a9
44bb8ce390f40188c3677790c9ca78eadc0397c0ae1b0053b507425f340f3727
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47de60f4759ef636f01760a42a7b187cc02c407d21410fa1811337f550d8a8eb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4af957feb4d294855a64f414a962b425ce8466b371709d33da7f532251ae956a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7dacff7f4549a26231147fa50ae904b1712cfabb9c93e3c1b74fc1d2664f8e
4b828f0c8c58549d4ce0204ffeab54cc4c747467fada7e3313276c8572482307
4cc95076471b4cd2e971c4e7033c5a80e1152f2206b3cd9294bee9d03d55c10e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
521bbdb45dff374d52d9ba55e7e058915e3d925959d33f9b3bd9c31effa666ce
52d9412a2bdba8cac6f422da44e9bc7a9b0e8506725a8030fb3a09c7891b1158
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559c10a18484c580ce28fa0c6ef3b808ec01af16fbf3b846b3ef45bec8705b97
55ead117a30943812f4c908cdb1e4bb0f28a05204571dcf685f093531bda6def
5d1f0a1ef5bc62ade3ee0ea9728e240aa2961afe24d39312d59694f01c6a6b82
5ebcaf9329f3070502162e0d5e8f748a633e2faf321e4797e1c1924dc0549bee
5f3e4474e837b01e962bd1e741068d28829084b80094ddfbf36d1d1fb7d186da
5faa25a12dc00015120e427e4e758c24da18d756aa627a9907aca3f0462f48f3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61bcd15df07a6db7485a025ad2d767d96e67db06a6afc7998fde8b5c004dba6e
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63c5424b56c8619866cf82c76998bca4dcfbb36acbb76b5ba8099c917c7b2b0a
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6553c68622529bcfc49abca8fffa4d8b50b4ddfe4f81f2ff66b15ef28d03c748
65bbe66aeafba11593573bdee6f73975efa7e357c23956f596480d503121877c
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
670b99de51bf43d0aca4ead7a22766669bcb32dc7f8fefff39674c3a1b017318
687f66f277b41d6f1f3f8577807dd2b472170b6404db20a5aeee6d8e20d3d05a
699dbb2e5e72102daae5ed65405810601f6df82c221c2b9a39d5e0b5d2a3b615
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6d1e4643d16163184b10f4793692716cc5150c27ff29e0ce415837fbf9910351
6e8deae5cc4ba74a776214b218852d39046f01ae257ffb2077caeb8a0d8a4aaa
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72c386b49bd444594d4a32146811b03bca7bb0fd6a0e114458da3ae6594b6c38
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a7130c39979be1507d68cdd7242fd6c7ed6fa1d56959c511537ca4714ebdac7
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7e2857c736157ccc10656d395441ce312ec0ae7144237ce967ecedd9f897e015
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83050dcbb586aef632ab267b90d3a108fe6f7cb8c7ec80c010603b8b58025807
86a8498715f70ee20d8dd02774e1397846ad35e229c1f7b019a3d5c902c7e971
8738d35f416f7205dfa66b0dd2b3df8273288814a0566f6df60df57029d69520
878a737eb274ccfb9c0945824dc354469cc09f976e70f21f44cf5581c8b81603
8b816cb4a6f82b4966260449a93e2be5011c1b0e02b08c57786d8ff96ebf0570
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8d665d55cbf98b91edfa41f6bb5f3c97fe813c8cb4690522e2610cd78da67700
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
945f09bf766708b35df35ee4a36d87ae9cb12b67c39ec3b717f5b9d0325decd7
94f223ccf9bf40d6a340e41b70de9e62bdc1fa311501cd1928f09f4d1a482085
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
971788083e8b8084b04212dbb46e70e4e8b9c4b81491f184141a4cebdea18ba1
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe
9b38de84848aa5c208007506fc9d8dc53ded3962800b09f83b6d093555ba779f
9c8b62738dde1fdf8e80a8b03af8c35d90021aa4c9882735777090d5ee3e179c
9d9faf92d5031707ade900a893ce95d561540cf4e8df13ccecfe2ee9c63dde01
9e0005c7319222a7be5dfb42f9727d20cd3d73f37f6dc0f82dfdb0441bc8680b
9f48bb02f034e2e6ea4edaec5c87fec945e88790d31991013cba3ccd2399fd20
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a020cc1c67c608133cfe17af5d69384ab6d035f191f4dcc77241d35d5ec4bc50
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3f7cc1e5979d74387e0fe9a1cab7a59c5141eb260b26f4b74789ba1101fe387
a4c569d014ae96433d816cf70a7b2b2b176005058a6e9638caa3808c296691d3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7311fbbf26ad1c83a0c5c9011dddd129a09587efdf41e2b76b87b602b50a566
a8772d530443a16e246c5c24979c536e33d41c1f0e12f4e1144a48190d841c41
a8a4b3ba55506c8bf9258491141d74403219b93e58e893be712b486615c271a3
a95e2be74bab5505b36b35efe8e18679d964ff4876d1f39b2ecdd5163bd8b9ca
a985e8b917877fb32fd337d39e7632e93d9c78a2f540acc777898607a88afe54
a9b3279098cdbf929fabc4d47cb708aa49b18b1b741da36ce68b97c5508f61f4
aad3a7fb9d552a5b3dcdc13d7e054602f9cb8daf18476421718f83bad7d04268
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16d63b8f092de9e01e964c18209243df0092cff254cb533264bef724ae0689c
b21ca8820092f25274b365f90f6e54f2434a3556e1bd930d3ede45849029489d
b5ed508e746a172a6dad52ad6fe0a553753b62ed97f2b9231322189090838863
b62de47457c752650aa780ee09a46f9f8f48ac4741507dd921cc07bf028cc119
b7e1f0b6cb6c8752fc70e6587a8f3954a1dca3f2aa9d129fdf44efec9f1e36ff
b7ecdcc0bc5edb80b01fa2273a715a40622f1b72588ee99fc60951e91c1d4c59
bb1dcf24c5833050db57433b59471a450ae121f47e044e646fdb7684072de6d9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf41f73936eefaed7c45ed6df28b056c2e1f7b44b0ffe63d56d07d081cf7f428
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c4afe58a356aaa6da8fb03d6c4429a88f0a7f92406e423955ba496109c495ce9
c7a408bad379a4bb11911118349961fc578f7ad44c084315a2cb68cea4bd9588
c7b10d294e734c0045b27afced356672202fa70e9f537c5fdaafaab5462d604e
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c899c3c18e019626d24a9b9ffc38ff02c4a895b88b228fba8eb1e821531d3ca9
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
cb578ed9307a8912ee5bbd79f91b80fec2abe28042e6bd03a83c679f33005411
cc2aa60d2c4f730c1797114a4d9d680b599088c6645dca8fe9d708feed136865
cd313997d4ddd0d290c7c247b587d09dd2d33a468e27cda5c1bd589bd299df34
cdb82b0a0d03e51d3dcb285d20a3733592db101c591fbe6843e84e320af9ae95
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf708bae0b3a99e3a2b64241e3f3fb2b50dca4c3c4967218200700447939ee40
cff9519362013d9ecc4540de0afb74bd85ccd74a3496a216b95c4abae6022d5d
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2e4d8ec9342ec72ee637b75d2de575393b98ad44139feedac1d66144f579786
d2fc753bf9543b229f376ad7debb0a291564f7938ed7e0b954ed733f60562ceb
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5f77d419a79cfc384824969311bf33d8b00a268e3990d24fde5a3757c120042
d61381ba783e477d9c4800abb2a4e39bf9aada70ee0192b7e118b8ef52523254
d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1
d7f78356795807c99aa29807dd2e07a7119dfe67a13207dcdb8bb1904a251b2f
d7fd6a7951df870678f2259596df401332b837b5e92b15b7b8d74ea8ac73890d
d815064fc8083cb203c0c5912f34e891e5ab69d781d63fb5d0f5709d78f10bb1
d8b3c4314237df1c0c5b38474988a046954f4cd8bc5dffe46229aa3884867b0a
d945b38d1109e82dad3088ce7465a573635e411fcf7d72b105aaede031feab60
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d96c2f98e6e40fb290f3518e59412574cd7e08979c1b402440463eb504ea5c26
e0774a9eb51266a63771a36ec16e4d63fec41a0a76935c48acfd79cb521bac4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f2cb20ed23c7594509f54d0a2cc5a81ea70523c5bec55624b56e7f41ca6acc
e63c4842f858ac22c87870f9090f90b697cfb02f7b8b5b9d4b261cb8733d7a18
e70dce7fa1dc6a1b8a2e42c7b783ed11647d527fd683314e4bebc712ace3c393
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ea16ede63fb4be507a3a5ece76f4e87bfa0e4967ab0be4109af4fd960ae7747b
ea54a8f952127f36c8ba976391617645b4fe893a307d1a693e3f04aeb5a439aa
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed12c0d9f531492bd81f2eb30125ce9a7db330b9d9854258879b55efebf3e75b
ed181744154597db05bb1bfbd9273e3f742fadcf9119e9fa3d1c72036c73bd7b
ee27eaa7780fa1753a897031386b43ec1c1e98b6b39a4aa40af39d0206c9a171
ee3f582e98dd2d07c9b0da18697fe6a29984354c48e8ad5c4ea5d51a8f82c6ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef3f38fbc4379406a164b12ef71390cd60266256f54c063a33fb160e1c447288
f0f7c9841161eb5b400675dfdae58e567c35dbf06d23c95592c9a56804f3e325
f5742898563956eddab2c7d9c3568b0ef85ee3f4bf250e0bd6144cae1b9e2578
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f884bcdc85f67771def8e45c20a55ddb0587204f3d62403dcd5846b5c7bbf456
fd3b428fbbdee0b29ab06528774db760883daed342b0ea16f9a60e315d048c69
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff33b8b88ad5254a11d09ba955831b451e51d63df876e711cb5d8f1200e935f3