sharemods.com Open in urlscan Pro
172.67.73.233 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 01 via api (April 1st 2023, 4:16:04 am UTC) from FI — Scanned from FI

Summary HTTP 323 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 93 IPs in 12 countries across 66 domains to perform 323 HTTP transactions. The main IP is 172.67.73.233, located in United States and belongs to CLOUDFLARENET, US. The main domain is sharemods.com. The Cisco Umbrella rank of the primary domain is 579228.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.

This is the only time sharemods.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	172.67.73.233 172.67.73.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.91.159.92 142.91.159.92	7979 (SERVERS-COM) (SERVERS-COM)
3	5.135.105.236 5.135.105.236	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	87.98.236.115 87.98.236.115	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
22	178.32.200.56 178.32.200.56	16276 (OVH) (OVH)
2 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	104.26.8.178 104.26.8.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 6	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	198.148.27.133 198.148.27.133	19189 (PULSEPOINT) (PULSEPOINT)
3	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	23.67.137.210 23.67.137.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.211.25.228 3.211.25.228	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.18.27.55 52.18.27.55	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:8600:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 15	3.124.62.252 3.124.62.252	16509 (AMAZON-02) (AMAZON-02)
5	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	185.64.190.89 185.64.190.89	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	3.123.60.58 3.123.60.58	16509 (AMAZON-02) (AMAZON-02)
12 12	18.156.40.75 18.156.40.75	16509 (AMAZON-02) (AMAZON-02)
3 3	3.122.65.81 3.122.65.81	16509 (AMAZON-02) (AMAZON-02)
10	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	143.204.89.24 143.204.89.24	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 13	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1	3.67.31.64 3.67.31.64	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:cba0:4e0e:1b37:264e	14618 (AMAZON-AES) (AMAZON-AES)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
8	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
47	2606:4700::68... 2606:4700::6812:d32c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3031::6815:5dd2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	8.2.110.113 8.2.110.113	46636 (NATCOWEB) (NATCOWEB)
3	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
2 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:eb09:ecfd:dac6:f566	16509 (AMAZON-02) (AMAZON-02)
2 5	67.220.228.200 67.220.228.200	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
4 4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	216.52.2.86 216.52.2.86	() ()
1 1	37.157.6.246 37.157.6.246	() ()
323	93

25 172.67.73.233 (United States)

ASN13335 (CLOUDFLARENET, US)

sharemods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cookieinfoscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.92 (Netherlands)

ASN7979 (SERVERS-COM, US)

forworksyconus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.135.105.236 (Viens, France)

ASN16276 (OVH, FR)
PTR: vh11.eris-o.of.pl

video.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.98.236.115 (Wroclaw, Poland)

ASN16276 (OVH, FR)
PTR: vh11c.eris-w26.of.pl

cdn.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 178.32.200.56 (France)

ASN16276 (OVH, FR)
PTR: vh11b.eris-w17.of.pl

cdnt.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.178 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.83.142.19 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.133 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.211.25.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-25-228.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.27.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-27-55.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3fbb2638b8924c5cacad8808a84c61ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:8600:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.124.62.252 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com

eu.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.60.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-60-58.eu-central-1.compute.amazonaws.com

ghent-aws-fr.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.156.40.75 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-40-75.eu-central-1.compute.amazonaws.com

aws-fr-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.65.81 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-65-81.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-24.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.157.6.253 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.31.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-31-64.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:cba0:4e0e:1b37:264e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700::6812:d32c (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:5dd2 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.113 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

as.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:eb09:ecfd:dac6:f566 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.220.228.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.246 (None, ) 1 redirects

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8238	2 MB
30	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500 ads.pubmatic.com — Cisco Umbrella Rank: 509 st.pubmatic.com — Cisco Umbrella Rank: 1142 simage2.pubmatic.com — Cisco Umbrella Rank: 733 image6.pubmatic.com — Cisco Umbrella Rank: 779 image2.pubmatic.com — Cisco Umbrella Rank: 999 simage4.pubmatic.com — Cisco Umbrella Rank: 1232 image4.pubmatic.com — Cisco Umbrella Rank: 1076	85 KB
29	onnetwork.tv video.onnetwork.tv — Cisco Umbrella Rank: 45934 cdn.onnetwork.tv — Cisco Umbrella Rank: 43701 cdnt.onnetwork.tv — Cisco Umbrella Rank: 57181	336 KB
25	sharemods.com sharemods.com — Cisco Umbrella Rank: 579228	205 KB
24	adform.net 4 redirects track.adform.net — Cisco Umbrella Rank: 3522 c1.adform.net — Cisco Umbrella Rank: 584 s1.adform.net — Cisco Umbrella Rank: 7499 cm.adform.net	156 KB
21	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 ad.doubleclick.net — Cisco Umbrella Rank: 172 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 pubads.g.doubleclick.net — Cisco Umbrella Rank: 434	177 KB
18	sportradarserving.com 6 redirects eu.sportradarserving.com — Cisco Umbrella Rank: 52597 a.sportradarserving.com — Cisco Umbrella Rank: 2605	32 KB
15	bidswitch.net 12 redirects ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 11502 aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 24091 x.bidswitch.net — Cisco Umbrella Rank: 323	6 KB
13	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 498 eus.rubiconproject.com — Cisco Umbrella Rank: 577 pixel.rubiconproject.com — Cisco Umbrella Rank: 340 token.rubiconproject.com — Cisco Umbrella Rank: 574	15 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 3fbb2638b8924c5cacad8808a84c61ab.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	41 KB
11	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412 s.amazon-adsystem.com — Cisco Umbrella Rank: 301 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 964	68 KB
10	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381 bidder.criteo.com — Cisco Umbrella Rank: 748 dis.criteo.com — Cisco Umbrella Rank: 718	10 KB
7	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 581	23 KB
6	gstatic.com fonts.gstatic.com csi.gstatic.com	168 KB
5	yahoo.com 5 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1289 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1006	24 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1216	98 KB
4	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 9564 user-sync.adxpremium.services — Cisco Umbrella Rank: 12776	4 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 437 cdn.id5-sync.com — Cisco Umbrella Rank: 1045	35 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 473	377 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	793 B
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2947 google-bidout-d.openx.net — Cisco Umbrella Rank: 2875	692 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	146 KB
3	setupad.com node.setupad.com — Cisco Umbrella Rank: 48152	625 B
3	google.com adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 3838 a.ad.gt — Cisco Umbrella Rank: 3181	4 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1664	17 KB
3	contextweb.com 1 redirects bid.contextweb.com — Cisco Umbrella Rank: 2700 bh.contextweb.com — Cisco Umbrella Rank: 578	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	95 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 940 api.btloader.com — Cisco Umbrella Rank: 1036	7 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 944	19 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1366	2 KB
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2305 vpaid.vidoomy.com — Cisco Umbrella Rank: 3615	19 KB
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 712	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5011	562 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4362	335 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 670	57 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 739	454 B
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6295 invstatic101.creativecdn.com — Cisco Umbrella Rank: 4136	2 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 828	361 B
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 41613	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1016	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1034	15 KB
1	lijit.com ap.lijit.com	277 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 400	648 B
1	ck-ie.com 1 redirects as.ck-ie.com — Cisco Umbrella Rank: 8680	484 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 387	140 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 13406	3 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	16 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 804	609 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	737 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1173	183 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 533	356 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1740	37 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3194	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3449	2 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4328	395 B
1	google.fi adservice.google.fi — Cisco Umbrella Rank: 306082	531 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2725	10 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4055	884 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1051	219 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	44 KB
1	forworksyconus.com forworksyconus.com — Cisco Umbrella Rank: 814087	1 KB
1	cookieinfoscript.com cookieinfoscript.com — Cisco Umbrella Rank: 91045	4 KB
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 45871	120 KB
323	66

	Domain	Requested by
47	c.bannerflow.net	sharemods.com eu.sportradarserving.com c.bannerflow.net
25	sharemods.com	sharemods.com
19	cdn.onnetwork.tv	video.onnetwork.tv sharemods.com cdn.onnetwork.tv imasdk.googleapis.com
15	eu.sportradarserving.com	3 redirects stpd.cloud eu.sportradarserving.com
13	track.adform.net	1 redirects eu.sportradarserving.com s1.adform.net
11	securepubads.g.doubleclick.net	sharemods.com securepubads.g.doubleclick.net www.googletagservices.com
10	simage2.pubmatic.com	sharemods.com eu.sportradarserving.com ads.pubmatic.com
8	s1.adform.net	track.adform.net s1.adform.net sharemods.com eu.sportradarserving.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cdnt.onnetwork.tv	sharemods.com cdn.onnetwork.tv
6	pixel.rubiconproject.com	2 redirects adxbid.info
6	cm.g.doubleclick.net	4 redirects
6	x.bidswitch.net	6 redirects
6	aws-fr-sync.bidswitch.net	6 redirects
6	ib.adnxs.com	3 redirects stpd.cloud acdn.adnxs.com
5	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com
5	image2.pubmatic.com	ads.pubmatic.com
5	ads.pubmatic.com	stpd.cloud adxbid.info
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.onnetwork.tv
4	ups.analytics.yahoo.com	4 redirects
4	token.rubiconproject.com	4 redirects
4	secure.cdn.fastclick.net	sharemods.com secure.cdn.fastclick.net
4	gum.criteo.com	2 redirects static.criteo.net
4	fonts.gstatic.com	fonts.googleapis.com cdn.onnetwork.tv
3	match.adsrvr.org	ads.pubmatic.com
3	user-sync.adxpremium.services	adxbid.info
3	image6.pubmatic.com	ads.pubmatic.com
3	imasdk.googleapis.com	sharemods.com imasdk.googleapis.com
3	a.sportradarserving.com	3 redirects
3	ghent-aws-fr.bidswitch.net	sharemods.com
3	www.googletagservices.com	securepubads.g.doubleclick.net
3	st.pubmatic.com	stpd.cloud
3	node.setupad.com	stpd.cloud
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	prg.smartadserver.com	stpd.cloud
3	mug.criteo.com
3	cdn.jsdelivr.net	stpd.cloud securepubads.g.doubleclick.net sharemods.com
3	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
3	video.onnetwork.tv	sharemods.com video.onnetwork.tv cdn.onnetwork.tv
3	maxcdn.bootstrapcdn.com	sharemods.com
2	ssum.casalemedia.com	2 redirects
2	image4.pubmatic.com
2	cms.quantserve.com	2 redirects
2	dis.criteo.com	2 redirects
2	csi.gstatic.com	imasdk.googleapis.com
2	s.amazon-adsystem.com	2 redirects
2	eus.rubiconproject.com	stpd.cloud eus.rubiconproject.com
2	bh.contextweb.com	1 redirects stpd.cloud
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	oajs.openx.net	1 redirects
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	static.criteo.net	stpd.cloud static.criteo.net
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	id.hadron.ad.gt	cdn.hadronid.net
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	cdn.id5-sync.com	sharemods.com securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	sharemods.com securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	onetag-sys.com	stpd.cloud
2	prebid-stag.setupad.net	stpd.cloud
2	api.btloader.com	btloader.com
2	id5-sync.com	stpd.cloud cdn.id5-sync.com
2	ad-delivery.net	sharemods.com
2	use.fontawesome.com	sharemods.com
1	cm.adform.net	1 redirects
1	ap.lijit.com	adxbid.info
1	vpaid.vidoomy.com	vid.vidoomy.com
1	vid.vidoomy.com	adxbid.info
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	as.ck-ie.com	1 redirects
1	eb2.3lift.com	adxbid.info
1	simage4.pubmatic.com	ads.pubmatic.com
1	adxbid.info	stpd.cloud
1	acdn.adnxs.com	stpd.cloud
1	s0.2mdn.net	imasdk.googleapis.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	um.simpli.fi	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	partners.tremorhub.com	eu.sportradarserving.com
1	match.sharethrough.com	eu.sportradarserving.com
1	ats.rlcdn.com	secure.cdn.fastclick.net
1	www.google.com	tpc.googlesyndication.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	a.ad.gt	cdn.hadronid.net
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	3fbb2638b8924c5cacad8808a84c61ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.fi	securepubads.g.doubleclick.net
1	cdn.hadronid.net	sharemods.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	rtb.adxpremium.services	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	bid.contextweb.com	stpd.cloud
1	hb-api.omnitagjs.com	stpd.cloud
1	prebid.a-mo.net	stpd.cloud
1	fastlane.rubiconproject.com	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	hbopenbid.pubmatic.com	stpd.cloud
1	ad.doubleclick.net	sharemods.com
1	www.googletagmanager.com	sharemods.com
1	btloader.com	sharemods.com
1	forworksyconus.com	sharemods.com
1	cookieinfoscript.com	sharemods.com
1	stpd.cloud	sharemods.com
1	fonts.googleapis.com	sharemods.com
323	110

This site contains links to these domains. Also see Links.

Domain
cookieinfoscript.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.stpd.cloud E1	`2023-02-24` - `2023-05-25`	3 months	crt.sh
forworksyconus.com R3	`2023-02-14` - `2023-05-15`	3 months	crt.sh
onnetwork.tv R3	`2023-02-15` - `2023-05-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.a-mo.net R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-05-08`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2022-08-26` - `2023-08-05`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2023-02-11` - `2023-05-12`	3 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.google.fi GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
node.setupad.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.sportradarserving.com Entrust Certification Authority - L1K	`2022-09-30` - `2023-10-15`	a year	crt.sh
ghent-aws-fr.bidswitch.net Amazon RSA 2048 M01	`2023-02-10` - `2023-10-06`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh

This page contains 54 frames:

Primary Page: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Frame ID: 1C4025BC2E2E7C113A0D973E5F9EA14B
Requests: 117 HTTP requests in this frame

Frame: https://sharemods.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680321600
Frame ID: 39014104168702ACA83AC9424BE219EC
Requests: 3 HTTP requests in this frame

Frame: https://3fbb2638b8924c5cacad8808a84c61ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4248348F3F5DB77A13849B236F6B66C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
Frame ID: CDB9AD3452A259060E3BEF389F971285
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkFecWqNuNlMBL6Jww4QHUIPp4dBi39twgyTZiaHIuStUPtVQuB6apVHGxYD5g5M_YPlFcoB4oUw86abHDCZS9KtOfZ6FtOY68N_uifnRzAdKg5f5CKLCLkAXi8Aqz6yk_tmc69dW65Z9-6JuiLMgZPQwbxD8h6xjLs8tTbUsw3Iv1UCMZO802NYZcOdiD1ZayOgqqVZ2lZ_N4MK7lkJtlHpCo2vn8BU7BtEettEMoaFVtmLDOhEpeh2-BSfcPjhTj9pq3tGttFMP36iOOrBSl7wOCD1KpUBGQFbJ7fnCgKW9LlwT2v3rmiLpbNIiugjmqDF73vmxtY1IEOpHB&sai=AMfl-YR3vq9T2PDMXeoncfi1L7Xrnx11Uss5FjmnkgUTL5OUGWyT0KJgcgX9tKJ8lNfs2fC5vbB0WFsWGmOV9CGeJXBKbVmor27ES3UpvmtHmUXcuZNVQEonXD8FytPfHrVs0S4yTP6W2jF196y5SpA&sig=Cg0ArKJSzPxyPyIDJj_XEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6BCC6AA83DF93EA3E5573C206CE9DB7B
Requests: 7 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Frame ID: 098271447584BE8D42A4D56E6C8E7B29
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9A43A895E193F60F6AF455A19E450735
Requests: 5 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=607817&adId=2302824&imprId=6F80242A-665F-412F-AD5C-E46B5D8DA606&cksum=C3F90A591484CC4&adType=10&adServerId=243&kefact=0.207410&kaxefact=0.207410&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1680322558&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.296300&dcId=3&tldId=0&passback=0&svr=BID22630U&adsver=_2358017921&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=_q8nZDu6AwAAyWL93dB6X_0zLAFubCmwacCS8SQnKD5U6HSY&ekaxefact=_q8nZEy6AwCkT6N9rB1aOt9Uds_owuu8MFrn98PC4u92fsVP&ekpbmtpfact=_q8nZFq6AwAgf44CcfxPrf7cblFPnvwLi774p6yaDO2ndP5T&enpp=_q8nZGe6AwDmRHNYqJYljkQqnTpfTPecFH0mXKvqGtmmHINe&pfi=1&domId=14563580174443524020&dc=AMS&pubBuyId=25621&crID=409_67399&lpu=rizk.com&ucrid=4161784135904097045&campaignId=16530&creativeId=0&pctr=0.000000&wDSPByrId=409&wDspId=466&wbId=0&wrId=0&wAdvID=1304196&wDspCampId=2854&isRTB=1&rtbId=01AE4145-7F82-4B25-A670-343848D5069A&ver=9&dateHr=2023040104&oid=6F80242A-665F-412F-AD5C-E46B5D8DA606&cntryId=72&domain=sharemods.com&sec=1&pAuSt=2&wops=5&sURL=sharemods.com&BrID=5
Frame ID: 500AD819CB1242157027A0E8FB966806
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaEQIbVaRoNrSwfhoGvcf1zyWIkIhUezpuFfI_c5LixnDAv8mssyrDhW66peQwOO54_KNoDvQO8FV2l3XglHojS5-K1rLbAp0A9R9FYWkwmqppY45VMzJK6KKN9u8j7bqoYnYwYG177r72o3U6L29Fky6tQKHb2aJ7bW6il2WeUFH-Exm1GkWhH0jXEcMX1Kc2ByDz4KzWcD-KIeP0vbBzGwUXpK0hJWR6sve-f4tqiqRHP1Aj0PWfGBjnsby5y0GE5n_ZFKBe1IZw5AnAiVhHQiUfI0UKSw6UXW1xBRbw6O13IHxoRicCDTbDRE1W_D100mzbM1NhynXPjA&sai=AMfl-YQvwl7QYCBmjTGk7uxM_4DDuHT-XrU8YZUWPq_DVw2jTLvtT_ei4uyjlljGzkZP-xq35d1iilsXpNiGa1p87HwCVZ51fQHXTmvwD8Lwq5R_iCR7RH9Rpx6rRbSHdgQSw9CBCD7dve5iY16V4MM&sig=Cg0ArKJSzDKYrUKAa0G-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 528723E564AF42D83538D541E098D01B
Requests: 7 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Frame ID: 81398753750F7163F247C2436F259B34
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1C8ECA136A0A8A692A93F97EC0458371
Requests: 5 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=607817&adId=2302824&imprId=4674E228-BBC5-4821-ACED-FB768EA12D76&cksum=FB1FBCA1397DD5B5&adType=10&adServerId=243&kefact=0.207200&kaxefact=0.207200&kadNetFrequecy=0&kadwidth=970&kadheight=90&kadsizeid=33&kltstamp=1680322485&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.296000&dcId=3&tldId=0&passback=0&svr=BID22498U&adsver=_2358017921&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=ta8nZFgqDADDhJJyOCjXn8gAovkQVLRuDip7yZHmrtxhevQI&ekaxefact=ta8nZGwqDAAIp50N1NFY8o7GC6idqTIdk34hXFZVsk-t2zM5&ekpbmtpfact=ta8nZH0qDAB8gR0NMj8jWGsFIJNl0pKs6teVpHwUfFlOf8F-&enpp=ta8nZI0qDADIWsWqZ5GlsPbXBOvWhEssldarmwWVfovuy80c&pfi=1&domId=14563580174443524020&dc=AMS&pubBuyId=25621&crID=409_67405&lpu=rizk.com&ucrid=17312306308235595004&campaignId=16530&creativeId=0&pctr=0.000000&wDSPByrId=409&wDspId=466&wbId=0&wrId=0&wAdvID=1304196&wDspCampId=2854&isRTB=1&rtbId=20A811BA-39DF-4027-8FEB-961155F24CF6&ver=7&dateHr=2023040104&oid=4674E228-BBC5-4821-ACED-FB768EA12D76&cntryId=72&domain=sharemods.com&sec=1&pAuSt=2&wops=5&sURL=sharemods.com&BrID=5
Frame ID: D8B381AEB22BE66DD93987F66DA35B8E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshRH8X2B5pPTwe-MpbWwxBF2vnWzLaefhlXn6L9CF5sUOK-quIAMHkLjInp49OffhNQs7B-wOEgBJYH5utU4jPXGOQAUWCVjnUPs7IyGxONlKwqgdF0co7j9xcq11lKmi83bbcJR9kfLEYtr1QMyfQBVJQM0phFCql00jsL6xeckKOPQfnp9hkiVClLusxWuDWRI3ps4QcMvwqlyE-3JkZpXJ2NBjufzs_wGio_tUuGs2cK28aucyJ41PcoxnpfbDdkG0i_6vDTzdWQQU-mbvwHlphRw4Tf-ybK9JfAcMrS3AneDbUGRC6f4WW6yTAxZXeelbAlIYg095ipynS&sai=AMfl-YSRW7VQBL75UxNUVIiMtbd1q0422u0aiTakHqNRrgXSThJRDprshkEj9DDoaOaoT9c-6fOP1qK5BMBGquD6PoC5dn2k8wb1TRb1FXNjQS6DAeGlewH77m5GUJvr5CAUWWWIfqfTxtZ-JCQEWfk&sig=Cg0ArKJSzB12EvQekoUnEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7B3F39E1DCE7AEF57FD7A3A7952A84B0
Requests: 7 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Frame ID: 41AD6093F2BB5C88C6340A32EBAD18C0
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CC810D598536CB8312AA1E0962A849D3
Requests: 7 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=607817&adId=2302824&imprId=26CB4E54-EE08-4D5A-AAA7-82E0A2D5219A&cksum=B383CD12FA3D258F&adType=10&adServerId=243&kefact=0.207200&kaxefact=0.207200&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1680322558&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.296000&dcId=3&tldId=0&passback=0&svr=BID22353U&adsver=_2358017921&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=_q8nZO3zAwBHqeDp6_ld2nzOlLdJcs7BQ61ViL79rD9Cars_&ekaxefact=_q8nZPjzAwAPP4V46OloGDAGBj42131mwO_EPyjOV5rbjjZP&ekpbmtpfact=_q8nZAH0AwBE-nXkduYZGgltbxH_m6qkeVZZMvPvxQuOGp4O&enpp=_q8nZAv0AwAcTKigfgODjbLZZdNQCzXwKBTznW7N-7ugiDJi&pfi=1&domId=14563580174443524020&dc=AMS&pubBuyId=25621&crID=409_67399&lpu=rizk.com&ucrid=4161784135904097045&campaignId=16530&creativeId=0&pctr=0.000000&wDSPByrId=409&wDspId=466&wbId=0&wrId=0&wAdvID=1304196&wDspCampId=2854&isRTB=1&rtbId=8077F477-F84A-4612-8BD4-B368C3B46F36&ver=9&dateHr=2023040104&oid=26CB4E54-EE08-4D5A-AAA7-82E0A2D5219A&cntryId=72&domain=sharemods.com&sec=1&pAuSt=2&wops=5&sURL=sharemods.com&BrID=5
Frame ID: 6708CAEFAF6C5057F7B2FB71277629AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8FB28BB5B9CE0ED7A541F7F2DA43CE02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12248BAB92E429252F536268270F8675
Requests: 2 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/player86.css?s=1679609152
Frame ID: FC678998BFFECE7BA807C292058A83AC
Requests: 26 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5684008495220697895
Frame ID: DBAECF424D2F76DEBC1A430317F1DA85
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1176427-b000-4900-a10a-105e5bbd44f6&gdpr=0&gdpr_consent=
Frame ID: D01AEF226C315A5C026D6A24F5E6FCE4
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 33B65A2A9F01C91A589EFC715A3A2F88
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.566.2_lt.html
Frame ID: 069D1E5F0BAF91A478ED65E8655537EB
Requests: 5 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/36063/11970823/11970823.js?ADFassetID=11970823&bv=257
Frame ID: 94E3A060941A00486F14A476BC31CDD2
Requests: 10 HTTP requests in this frame

Frame: blob://https://eu.sportradarserving.com/0e2f516a-c3d7-49d8-b4b1-e361dd0cc590
Frame ID: 98C0EDCAB266AF3E15E4E103D1C44009
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/4e938504-8b44-4daa-aa8e-e3817339b911.svg
Frame ID: 64FF23FEF87F7004827FF74227EDAFE3
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Frame ID: C22DD8F59AE60963F431C50752713736
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F8C83B923D0F59784EB911D98601314
Requests: 3 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 3EE7C1B507F5AF35689D0015AED27FD4
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: F8F8639B4F82C58DDE2094BC42F02CE8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1680322558257
Frame ID: A289061B00D3827BF2267DC311CEDC17
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?reat=1
Frame ID: 0F8B3A04D9DB9EFEA9F9F0AECF11EEF8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E45B80C7BDF08012241EF9B5022FBE58
Requests: 10 HTTP requests in this frame

Frame: blob://https://eu.sportradarserving.com/14e567de-8dbd-4b78-ab1e-fa3101e02255
Frame ID: A8B651558BCBFEAD239BC052F132578F
Requests: 1 HTTP requests in this frame

Frame: blob://https://eu.sportradarserving.com/b53e2a67-3459-42b5-b9d9-82b1b2a0288e
Frame ID: DA6253A9E0E9CEF80915FB72D59DFE18
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/e8d179b9-ab54-452d-9dde-52118c1236a1.svg
Frame ID: B4F125FD936B76211F171C8B6230A4EC
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Frame ID: 9B0F5A4A567F092B1F9026B493801867
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/bb0a12d0-68ef-4e11-b1e3-73f3ea1c9ae5.svg
Frame ID: 91A2C4F0D27AC7494F84CC2532497AF0
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/d7517abb-6731-434e-b6be-8e77cebde944.svg
Frame ID: ABD079A3C2CC0AE232A67D38CD7106D3
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Frame ID: 11977E0F2ED486B5BA1613D42585A738
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/bc851aab-ef08-46ea-8c92-87eae44658ed.svg
Frame ID: 5496F3BF11DC533AA6EAAF1767AB3869
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2Fd23967fa-ca1c-459e-ad27-6d8be70376cd.png&w=115&h=115&q=85&f=webp&rt=contain
Frame ID: 4075D7D23A6F4D5D5A93D6FDC8F887F2
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2F0087e6db-cb6c-4741-b8a3-1069484c3860.png&w=100&h=100&q=85&f=webp&rt=contain
Frame ID: E76D82B0FEDECB98B0974F3389338624
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/bf-videos/55964b6ae202e726c80b2b79/Untitled-dde00f0b9b604f3298b640a2c655f8c2.mp4
Frame ID: 847270EAC66F613A90CB97D45E58AC1B
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 9E1E30C6DB77AEC0C0DCDFC87BEC18E5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_jaF1f82BIYrtgVAqnFQgCq2kMY-NsXBv3v1e4h
Frame ID: A8E3CBA8DC1DD9AC73FCEB50E8903D19
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=
Frame ID: 2D8544301F1480412167D17ADA0DBF36
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=
Frame ID: E9AAAB1A4BE72EA7C5EEFDB2B83FB01A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 725B688E585A02760B8D535F79A2C057
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6
Frame ID: 15EE4D9DCF08AA56A2A1D35EB1E0DE97
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=
Frame ID: DD62258346EF1C465DE2FC015E1FF041
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=
Frame ID: 17782A0B102D5AA3F982E7DC4B23ECAA
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 73F419F567261E2B66A9F40745DF836C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: B38BC0C6F2BA3CBAC6E3A2DAE40617D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download xw30 zip

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

323
Requests

90 %
HTTPS

37 %
IPv6

66
Domains

110
Subdomains

93
IPs

12
Countries

4155 kB
Transfer

9421 kB
Size

65
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cookieinfoscript.com/
Title: cookie script

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JbDo7nxNejREbm15TUdHZzRnMHQ3emlGUVA0b3pqUE9lL3lCM3kzZDVrbjE4V3cwQm5Yd3NVdUZOV1RabDlxQ0tKRStXY3llbWYrV2hpbW1hY0FIajlzendiS2lTdSs1QW9reHlQWmFUdkRTWUFxYmlUZk9jTERtQUJmRFBRMDJZSjhRK0hEYkFZRHFRMlFGcTl2K0prUW9rV21oTFZOZnl2cFh4bUEyUUgxZTdDK2pHOEUvcDl0bE1VNC9YT2RLcm0yR2hYUE50Zkx4S21PenJaUVBxV1Z6NHlTdDU5Z2JSWk1zUDBqaG5RVWpxRU9zPXw&cppv=2

Request Chain 108

https://gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=ChromeSyncframe&so=3&topUrl=sharemods.com&bundle=TqXhDF80U2dVdTk1MHdQJTJCUDZYbmxZV0N5MmNaclBxM211QUpTV0l4dmZRNUU0YkxGa1pEJTJCd0dRS24wZ1VxZTFMWGtmMk5lOE1rb1JHTXVoektrUkJlU2NUeG9RSGVtclA0VmM3NjQ2UWlxTkdyR29zZ0tDZHMyVDA2ellRUCUyQmpFem1KUA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=bGidGnxXK050Y1FRb3FEUEVjVzU3aEFvbWFLeXFHTUR5OFRQYUxuTUtraDBNWVpoV3F0Q2VDNCs5OEZUbEpCcGgwTXBrbmc1dG9ueGhrNGFIYlMwU0pZTmt4U1Z1RVFFWGY5NWowanZkMFdUbjBZeTM5NkNiQjFlamc0dFB0aEQ5cVlibnVNSmtiMU55cTdWcDIzQ1htUEhSZWMxQkZUZVpJQlhGOGIrazBXakZmZU5ONDNyaVRkOERPYzU2a00vQTlobjJTbG1FdzQ2LzFXWVAxSzVKMkdXM2EzbWkrL2llTFl6R2lnZXowZDBxZmVrY1VnaVlaQmJqWVhoMUJDcnc0SXpZRFVpNFp3VEJmM2RKajJGUTIzay9iNlkrN016eDEzSkFVSjhLWXU0R2dsQT18&cppv=2

Request Chain 117

https://eu.sportradarserving.com/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url= HTTP 302
https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=

Request Chain 123

https://eu.sportradarserving.com/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url= HTTP 302
https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=

Request Chain 129

https://eu.sportradarserving.com/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url= HTTP 302
https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=

Request Chain 134

https://aws-fr-sync.bidswitch.net/sync?ssp=pubmatic&dsp_id=409&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=pubmatic&dsp_id=409&imp=1 HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 136

https://aws-fr-sync.bidswitch.net/sync?ssp=pubmatic&dsp_id=409&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=pubmatic&dsp_id=409&imp=1 HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 138

https://aws-fr-sync.bidswitch.net/sync?ssp=pubmatic&dsp_id=409&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=pubmatic&dsp_id=409&imp=1 HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 148

https://oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&rid=esp&cc=1

Request Chain 162

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6e918618-bf76-4108-a909-b5248e6954b4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 165

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 168

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604 HTTP 302
https://partners.tremorhub.com/sync?UIBS=6e918618-bf76-4108-a909-b5248e6954b4

Request Chain 172

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5684008495220697895

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1176427-b000-4900-a10a-105e5bbd44f6&gdpr=0&gdpr_consent=

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Q4MkZGMEItRTQ3Ni00QzkxLThBMTgtM0YwQUZERUNBM0JG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECGWpk2gQdgfb-4li73Vveo&google_cver=1

Request Chain 177

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5053906582621647486

Request Chain 217

https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js

Request Chain 251

https://bh.contextweb.com/visitormatch HTTP 302
https://bh.contextweb.com/visitormatch?reat=1

Request Chain 272

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 284

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=34927915656ee6273ee7683233977b0392da856350bf6dbf23a2833d32a33b86

Request Chain 286

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TLDK_jLKTqOLFRZhKngLXA&rk=usync-na

Request Chain 287

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFXGNZW1-1G-EVW1

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJpPpkt-yelGZPOZF06N3zU&google_cver=1

Request Chain 290

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEZYR05aVzEtMUctRVZXMQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEATwODinEfmVmNp3Zef11FU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZYR05aVzEtMUctRVZXMQ==&google_push=

Request Chain 291

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/RXgV40H86mxo8P4RZ1DnyMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-f7l5ZcZE2oLXwIGnHnO5nKMToaRnQBelCLR4Rg--~A

Request Chain 292

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=49IchnvdTF2puZbO4CZIIg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=49IchnvdTF2puZbO4CZIIg

Request Chain 293

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMxMmJhNGVkYjdkZDFkOTc0Yzk4ZjMxMmYzNWU2MTg4OGI4YzM2Nw

Request Chain 306

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 307

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_jaF1f82BIYrtgVAqnFQgCq2kMY-NsXBv3v1e4h

Request Chain 309

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=

Request Chain 311

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0

Request Chain 313

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 314

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6

Request Chain 316

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=

Request Chain 317

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0

Request Chain 321

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZCewA2had9wYhgE3V7fsYAAA%265142

Request Chain 326

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5053906582621647486

323 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xw30.zip.html Show response
sharemods.com/2lwvzsfwm4dx/ 19 KB
6 KB 688ms
345ms Document
text/html 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c8fb9a9b29b8d0bd1d18932733df8b93d09ac87eda78b8e5c6f1aef17938e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b0e03898fb72da0-KBP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 04:15:56 GMT
expires: Fri, 31 Mar 2023 04:15:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WixEBhoyyq%2BDIGoTduU%2Ffg%2F15L%2B23pkoJegakZsVrBnNILKJ%2F7DNICmC2V%2Fw6yXzI%2BPTVcCeYeY4q4sOnhycjGuuG8XBl%2B4CP%2FFEVyjdgE5U6c97gKjk4OIHXR%2F1gIg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 234ms
80ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a005fb453ccfa3f6b4b1a8a27422f715207023b71b6d5002f49994568d996d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 03:29:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Apr 2023 04:15:56 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
sharemods.com/js/ 90 KB
33 KB 103ms
89ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/js/jquery-1.9.1.min.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1308547
etag: W/"5b910463-169d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxf%2B0OWYNK9caZ2ICvdf44n0RIKdDP0h90NfIQfIy%2BTY%2FanSvEtQmfdRaum%2FdQtLsW%2B65hBgWsP7ywy7gwPqFKTLFrdkN7nz%2B%2B%2FzgQf2fBHQLBxg8%2FYN8QxzF1KY9P0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b0e038bdbec2da0-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.css
sharemods.com/css/ 117 KB
20 KB 160ms
148ms Stylesheet
text/css 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/css/bootstrap.css
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee627640d99d0061c431a7eb0cf6523c6fda4148a5aeaab5c14400c1b74d8723

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1302108
cf-polished: origSize=144219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 19 Sep 2022 06:41:41 GMT
server: cloudflare
etag: W/"63280f25-2335b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w10SNGKdLEphcwp9rTUmDPnQs5XutpReEUZJY8xelMPZr%2BSVH8grU3OLHO3VTHOE0jcEdGE0vuewQT2sQhpNYx0qlfkThaA6svtcFo4fFaVD28DwVzLJBmGDvl07fpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7b0e038bdbf12da0-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 173ms
50ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 29445276
cdn-cachedat: 2021-03-10 20:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f630107343e22029ccb37d7d666b9552
timing-allow-origin: *
cdn-requestcountrycode: SE
cf-ray: 7b0e038c7972d967-HEL
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 23 KB
3 KB 311ms
189ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 29441142
cdn-cachedat: 2021-04-23 06:29:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d8ccb377d4ce79618ffc65563237a9a9
timing-allow-origin: *
cdn-requestcountrycode: SE
cf-ray: 7b0e038c7a7fd96b-HEL
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 170ms
48ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 793923
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7b0e038c796fd967-HEL
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.1/css/ 45 KB
10 KB 179ms
58ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.1/css/all.css
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZNFS7QEEAY7M98Z0
age: 599083
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: icmoEjVnOjuZTfr93+D6ccDc3yRWpSqq+0DNyGmeG2PhKifuMEJ4MAqeKMJDT+jzKniUL3/EOLQ=
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
server: cloudflare
etag: W/"597b70b2ce6b1483f72526c906918fe9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6o39tVBK%2B6nSYApV4cA2o1IFWzd0stv2KY6HW9YBcMWrldQ%2FQ7Tn7dcFAezIL5DN1NY0fev%2BiBWqSLPlTy74%2B6TJTB%2BhnTgOgU4Kmksz4tSpCE6GQ0Z3%2F2A75C%2BkGfszw2xFcgBaaMX8BBeL7%2BYZhWL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7b0e038c7c6e15ec-ARN

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.1.1/css/ 26 KB
4 KB 182ms
61ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WEA6CYQ5S0B6DQCV
age: 601264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DO6q5uboLeJGHZqu8lugHZeyo64cMSjRKbcuEgY/4CQY2gliMSBHD5LxmcRvdj59/JkRIE8nu3o=
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
server: cloudflare
etag: W/"01727b5056f65c2ac938f5db4e552b10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBqhCg2glrZre4PONghtp5ADRyJafNef7kkvCqzkiCexb2pKlOVrCRQz9XzVHwO1QpLQIbHytxijitcauBp45biRZg7VDzpCO7zAgfM1JJQV8%2F%2BUHkH%2BNBH2Vxvvumgr8jkeUFyHwbnZvvBXerty7QbO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7b0e038c7c6f15ec-ARN

GET
H2 200 style.css
sharemods.com/css/ 61 KB
12 KB 88ms
80ms Stylesheet
text/css 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/css/style.css?v=1.35
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a730b4b0b939fbacf960275cb2533e36e67d140638c478374a2de0142af1bd14

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1287574
cf-polished: origSize=78800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 20 Dec 2022 12:43:16 GMT
server: cloudflare
etag: W/"63a1ade4-133d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DVnfKlTiwTWktAG2fQoCQal%2F%2B49qIAoZhxr8x1ZaggMZV3dNcKnFQ0lkkPUcygWSj2yT3a9gXerVgIb4RPVbzyx8Hp2qvWEocPVs1hWPI%2BaUFIiIvHIxKBXRxnhGT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7b0e038bdbf32da0-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap-select.css
sharemods.com/css/ 10 KB
2 KB 155ms
147ms Stylesheet
text/css 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/css/bootstrap-select.css?ver=1.104
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee20b0a59b8ff59e7b7ef0ab572087dcd1acb8ddf3e8d9766b4179366a22c9a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1223852
cf-polished: origSize=12471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 19 Sep 2022 06:41:39 GMT
server: cloudflare
etag: W/"63280f23-30b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sd%2F57Irf9F4IL8Ecgo%2F6awj0T4vk1A9rSzWG%2Bk173ouSc5PxSCp5KSxrQhm1Jmdc02CVc4ftG1V1Fb8AtDX5Nig37wsmsoPLGctHOpDskl2Ld6RlQpeFCK86GPPHUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7b0e038bdbf52da0-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme-update.css
sharemods.com/css/ 77 KB
12 KB 154ms
146ms Stylesheet
text/css 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f03ad1bd4bedf3947d539b724f56d424450dbada87a62bdc6456ef14fa0d2d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1308806
cf-polished: origSize=95772
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Oct 2022 11:07:22 GMT
server: cloudflare
etag: W/"633eb6ea-1761c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f12owHn0MNATok%2BBudEJImS1wuksj68KhxEx6ohC7BzAFHB7kPKqx8OJkQsHkMMt%2BAZdnr35hdiO4R%2FU2skf%2FARdPZdtfMmUgpHAqH3bbyeDPrNLj%2B5NjdOOS86Mrbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7b0e038bdbf62da0-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.paging.js Show response
sharemods.com/js/ 5 KB
2 KB 154ms
147ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/js/jquery.paging.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1394359
cf-polished: origSize=19365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
server: cloudflare
etag: W/"5b910463-4ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ide6fGT1MFyZJVWNs1UqocQGLAqSwaV2pyouX%2FBDxtYQ6ijLXAp5yAgI%2BTg0pUr8%2B7FLquc2FN5Ef14UDayUPWK8b9znUvsFqU2vgpPhMhvv%2FB13U27n%2B7ANfttvUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b0e038bdbf72da0-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.cookie.js Show response
sharemods.com/js/ 2 KB
1 KB 154ms
147ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/js/jquery.cookie.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1287574
cf-polished: origSize=3121
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
server: cloudflare
etag: W/"5b910463-c31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7CiCXDhM7TXT2GahECB5w6f0g08iYwy3%2BRgnJpIpb9WqnXXS5nKTsXpAI3ZrDwNoC%2BKkryO%2Fb6hK02BkHFXG73w8ffUxlmUVmM4psh5S1BxuyuQRPOFz%2Br48BtfGYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b0e038bdbf82da0-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 paging.js Show response
sharemods.com/js/ 1 KB
843 B 151ms
146ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/js/paging.js?r=1
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1467421
cf-polished: origSize=1880
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Oct 2019 10:59:11 GMT
server: cloudflare
etag: W/"5daee0ff-758"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpxCSe3ln%2BMXBcKxDQl3Xx1qduCV6f4F7D3Wjo6Guh2g1%2Fq8sptJWHES0Cc7thSQoyh7y5BuZOB9QyRUK0cEeoGzePMr4o4KKJ33y2FSF61vVjZ%2FoUlelZjF6nzcTvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b0e038bdbfa2da0-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 300ms
109ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2b38ebcfbee4ba2131fec10762b0a92ccb03c8d3d220c9eda249e9e1708888f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25738
x-xss-protection: 0
server: cafe
etag: 919 / 19448 / m202303270101 / config-hash: 4618862490447205413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 04:15:57 GMT

GET
H2 200 3928 Show response
stpd.cloud/saas/ 431 KB
120 KB 199ms
82ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/3928
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31eb2170adca02942c01217c37a49a84887f4703f7bc7ebbf64f1d60326822c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Sat, 01 Apr 2023 08:15:57 GMT
date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 04:14:47 GMT
server: cloudflare
age: 70
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7b0e038e788bfe50-HEL
stpdhash: cache

GET
H2 200 cookieinfo.min.js Show response
cookieinfoscript.com/js/ 7 KB
4 KB 192ms
76ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FRWYJHTMKVB36FEA
age: 4456
x-amz-meta-cb-modifiedtime: Tue, 28 Mar 2023 17:37:28 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: E241s73CqJDTH5o5Q4mucqUbyZy5vLTFYAm3XJpwe9Spav0GmnOeRfBsLJIxKJEu9Lb+NPq6tgo=
last-modified: Thu, 30 Mar 2023 19:00:41 GMT
server: cloudflare
etag: W/"d15d93068c1121f63008407d339bd819"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGt7m1YzQuVbPglF2WN06YaGxU%2Fia11qGmTnU6ErYq6htXAVQBQHYOnaA1oyx3eKYeKs3qQVsV%2FaRkDadbWMw1cY%2FS5LoqtCCepezwFxznQKOuj7zxaEB0YPIKI0oJNPCS%2BYivpKBzjYisSQEaBY1AvBag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=2678400
cf-ray: 7b0e038c7bdbd987-HEL

GET
H3 200 logo.png
sharemods.com/images/ 2 KB
2 KB 146ms
142ms Image
image/png 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/logo.png
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013aabe6a5fe6bff034c59ef1839ca770ebab2baa66c160efef5331229b98969

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1376764
cf-polished: origSize=3940
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1649
cf-bgj: imgq:100,h2pri
last-modified: Mon, 19 Sep 2022 06:42:45 GMT
server: cloudflare
etag: "63280f65-f64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agkVpwRx7vh2NKlXY9JOZ8NQvCHHe8J4XHLu%2BWWHUVazCnHheQgKXxQ%2BFvQkwKyMsMb2dLIGwSg3uxMkgDbzaygPW6SrEKt5VwAXs7VfEAaZWYJkrFFQ3%2B8uRs7Jmdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b0e038dd94e24a1-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 share.js Show response
sharemods.com/js/ 329 B
688 B 80ms
79ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/js/share.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1223851
cf-polished: origSize=354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
server: cloudflare
etag: W/"5b910463-162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c7BZCCAz7hzvutxoqQSY25pbgkkCIfhAGHaAqZYkcQFAZDQf%2BbHBfTjRhjS35vb8oRy%2FD6AEkFAHai%2BGnlVuu24n3m5R09rOYekBimAXRn4qgiWi%2FMJF%2FAB%2FVCef0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b0e038d388a24a1-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ico_down.png
sharemods.com/images/ 255 B
794 B 148ms
144ms Image
image/png 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/ico_down.png
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5211a382edbdc5735bcef4a602013024eacec74802285bfe83e19f6b90a7b921

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1309046
cf-polished: origSize=381
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 255
cf-bgj: imgq:100,h2pri
last-modified: Mon, 19 Sep 2022 06:42:44 GMT
server: cloudflare
etag: "63280f64-17d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wHjBHonbMjFxZtf4hMqeJzhYRCqb8Y62aQXuGj94f4xw72fvE2j4KXLk9KQYqt%2BybJrufUDK7qQdD866pxE7yJelFXJ5KDIACAAKuQ3Rh2l7Iru7BMvv%2FN2OzSl58U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b0e038dd95124a1-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 16756 Show response
forworksyconus.com/1clkn/ 0
1 KB 379ms
81ms Script
application/javascript 142.91.159.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://forworksyconus.com/1clkn/16756

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.92 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:15:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 widget_scrolllist.php Show response
video.onnetwork.tv/widget/ 5 KB
5 KB 271ms
93ms Script
text/html 5.135.105.236
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=808

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.135.105.236 Viens, France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-o.of.pl

Software

XO.webservant /

Resource Hash

99c72628a2383f86fd495d26b26b7108eb6c97ac974c0d229a540c99be294ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 01 Apr 2023 04:15:57 GMT
last-modified: Sat, 01 Apr 2023 04:15:57 GMT
server: XO.webservant
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
content-length: 5280
expires: Sat, 01 Apr 2023 04:15:58 GMT

GET
H2 200 tag Show response
btloader.com/ 14 KB
7 KB 413ms
310ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3eb200a2e7e5fade3e2165d9a23cdf9bf400a40a7c40681aa7598f86b2ec93

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 03:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3584
etag: W/"3ec5ebad3f3d19db861fc2b7c42e41f4"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8%2B2EaSNSsf0Q%2B5Y40q3MPCwOvDsH7gYi%2FLXRwBMahAav%2BTjl9ciUYlUkMX5FGUO5Sb%2BQPNWb31hI2jx9OLo0wS9DKdDVEypJMIG2iKwlYyu8dT3Xtv%2Fh3s4HBW8eFum%2BBePXxcnPR785A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7b0e038e6c1cd953-HEL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 257ms
85ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15082559-23

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3835f7973691f07d83654d6d59cc5908ed4d6ad527f65685f65b110f67c9fbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45039
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Apr 2023 04:15:57 GMT

GET
H3 200 bootstrap-select.js Show response
sharemods.com/js/ 71 KB
19 KB 81ms
80ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/js/bootstrap-select.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17a6c7a61593005b4d3f273d3728c956bf8f711bc5acc4205c8350ccb19d102

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1394359
cf-polished: origSize=118906
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Oct 2022 09:45:32 GMT
server: cloudflare
etag: W/"633ea3bc-1d07a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nt7cSby0MiiiUpH0iChj659Cm5PyPyeIlk%2BTCBzwiBFFqmOD2XG4Fxdt6R5MB3sSexlyUi15z%2Fk2oI0wH3uuVIzAAE29Z6oiBKh3GWtW4Z42ZrvbK%2FvDuwsnikSHuto%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b0e038dc93c24a1-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 functions.js Show response
sharemods.com/js/ 1 KB
1 KB 145ms
143ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/js/functions.js?v=1.21
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0913ffc67cfdfb69fb6db7be06be5445f92be9bdf5de322645778f1ab365f097

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1460848
cf-polished: origSize=1650
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Oct 2022 09:45:56 GMT
server: cloudflare
etag: W/"633ea3d4-672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4bnRfrPXmA8iky0mpy1nU%2FPvjTx19u53pKrWuyTpdx%2F%2FwjTx%2FsAdZUos5ccMQ8zsAueXg6K3k0M15%2BmB1M3Bh7E%2BjdxjXFmhqoe2wYpJ98FU7GIf2lVfX6BB8fjM2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b0e038dc94324a1-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 user-icon.svg
sharemods.com/images/ 622 B
866 B 132ms
131ms Image
image/svg+xml 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/user-icon.svg
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25370fe82dae8bae3881885339ccb49e13351e30f3dddf4085a9cd712e03e96c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/theme-update.css?ver=1.199992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1389472
etag: W/"63280f6a-26e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F5WUMoY3HmYBXJu%2BMMNcG4XJCnc5CZ9y8%2BhsPLgoMjt6fhtwjdLnJilbEeOZH58tqAmIFmD6TciQ7eJFn%2BqcQYye4TMKe3lBSOFI%2FqehsDYst9OmzXwk2dLnAT7Xfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7b0e038de97324a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 flags.png
sharemods.com/images/ 15 KB
15 KB 133ms
131ms Image
image/png 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/flags.png
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/style.css?v=1.35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/style.css?v=1.35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1297063
cf-polished: origSize=15180
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15022
cf-bgj: imgq:100,h2pri
last-modified: Mon, 19 Sep 2022 06:42:41 GMT
server: cloudflare
etag: "63280f61-3b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXPWZ%2Bvrq8KJLHjoWg%2BZKTdLxQQaIEmh9kIH6bhNFgjYLd%2F2d6KGbmoY1vNi3TYtE3ZFMQmp85M30lUbZlvv%2B1ovVek1pdj%2BwkHldgMeexQc1AQDGbi9lgLD%2FiVPszc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b0e038df97924a1-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 files-icon.svg
sharemods.com/images/ 734 B
906 B 194ms
191ms Image
image/svg+xml 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/files-icon.svg
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1799f6ad6e4f1eb2f2df98fe33e271dbc6754079c578603eb94716b8c9659545

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/theme-update.css?ver=1.199992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:42:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1309046
etag: W/"63280f60-2de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clm85Jho1VZM2lOsba8nJb5bTBY5YPpCn%2FiQ9WnKaHNl2wy01SD9Y1tyn9KCyvS7tI3njQsqK1IGJ82LcA1Y7%2F1pqNYnC1KHfhSG5DVmg%2B26smx%2B6%2FSXANjpr%2BRR5So%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7b0e038df97c24a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 my-files-illustration-image.svg
sharemods.com/images/ 65 KB
13 KB 195ms
192ms Image
image/svg+xml 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/my-files-illustration-image.svg
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 137b7e16607cc0bb3b770b248c263e600e979c12150d221f4687b40f4f08b3e3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/theme-update.css?ver=1.199992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:42:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1394359
etag: W/"63280f66-1030a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnWw7hiLy%2FaGjaF5LXQ93fCOmekRyh5PosVT%2FbKqpiaD68UiuzvtTfgfzknOT2uGjTsI7aKr08dd1UOEEE1jrt29Gd1QOmhR0b1YAVhtRl3z7RpmU3j2PjtFb9IjWjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7b0e038df97e24a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 my-files-illustration-image-1.svg
sharemods.com/images/ 2 KB
2 KB 199ms
196ms Image
image/svg+xml 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/my-files-illustration-image-1.svg
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eead1a11f9e744413f227f47ffbb38f0d8ab89473511741ebb4aedec507fc5c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/theme-update.css?ver=1.199992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:42:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1472419
etag: W/"63280f66-9cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9U3%2BaJg9CrhCNi%2FHSvMFNmRygAMw6XHsPcl9kobWe0yyg%2F2rBpimFSYuhTPsP6i6SRCQLt%2F2dlu7mmQvlsdlXmBDfAetC%2BVmz%2BoWZnj7BFdhuQvv2FscVuqSLdxN4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7b0e038df98124a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 my-files-illustration-image-2.svg
sharemods.com/images/ 3 KB
2 KB 204ms
202ms Image
image/svg+xml 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/my-files-illustration-image-2.svg
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d040ca5b4ddfc7d518c8845a34dd6ae312bbc6221767fdd76738e3a9e2c88cf5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/theme-update.css?ver=1.199992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:42:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1380775
etag: W/"63280f66-a9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfJvTrwO115CCGKUs4TtTpBOdCMA164sPF2UkW4Xfv6sAwwlAGx1qVRr2UKgf0ERKebVS6N7SSvKON3wpjKpTv2pDw%2Bqdcy2HO9sLjGH2Q1BGcrHUIa%2F21lEq9nNDw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7b0e038df98224a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 page-header-bg.png
sharemods.com/images/ 40 KB
40 KB 206ms
203ms Image
image/png 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/page-header-bg.png
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a493c7b6b2c0149cd999f3d0509d7e3b4880a215a1a8bbcc7a6775aaf2b96c5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/theme-update.css?ver=1.199992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1460848
cf-polished: origSize=49058
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40465
cf-bgj: imgq:100,h2pri
last-modified: Mon, 19 Sep 2022 06:42:47 GMT
server: cloudflare
etag: "63280f67-bfa2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=785%2FjoI%2B00vMw7W9YZoEw6D5nt5XSfoiRoOaK%2Fp6rWDv2saDXs1psVyomypR3ek1z%2F3mS1Qh6xjGgg5QV1kerdbu19zfJdVDLGZMq0radf%2BTdGaIbhni%2Fn2EmFi82tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b0e038df98424a1-KBP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 single-file-icon.svg
sharemods.com/images/ 437 B
796 B 258ms
256ms Image
image/svg+xml 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharemods.com/images/single-file-icon.svg
Requested by: Host: sharemods.com
URL: https://sharemods.com/css/theme-update.css?ver=1.199992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0e4c69c9b40671c663c0ba214736491997983b015a02ba76ee8650668e5c406

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/css/theme-update.css?ver=1.199992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:42:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1386400
etag: W/"63280f68-1b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STnWtmGuQr6vK9yRk%2BZXPjDRT%2BCwaw3RKPr%2F%2BK42uOcwFFCMSciYGMPZy%2Fo3YMF1lJ%2FEVpWWjsP3a09fl4tFx4j4C0Amk4Y2%2Bt%2F9OZ3RbuX%2F09oZ%2B4sawOBdnaxwKCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7b0e038df98624a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 235ms
74ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 323093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:04 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 315ms
154ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:32:26 GMT
x-content-type-options: nosniff
age: 323011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:32:26 GMT

GET
H2 200 widgetScrollist.js Show response
cdn.onnetwork.tv/js/widgets/ 27 KB
7 KB 233ms
75ms Script
application/javascript 87.98.236.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/widgets/widgetScrollist.js?s=202209160956

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=808

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),

Reverse DNS

vh11c.eris-w26.of.pl

Software

XO.webservantpro /

Resource Hash

831f338d3b8d071bc5507cb8e5f0ad99e0a60d258b76e7d9cd0c14b60134490f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sharemods.com/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 11:52:32 GMT
server: XO.webservantpro
etag: W/"63c14600-6a04"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Wed, 18 Oct 2023 04:15:57 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 72ms
71ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:34:16 GMT
x-content-type-options: nosniff
age: 322901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:34:16 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/ 399 KB
124 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 20:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28040
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126961
x-xss-protection: 0
server: cafe
etag: 11043018428268230335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Mar 2024 20:28:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
500 B 224ms
81ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sharemods.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05446dec89a0469d29debd430cf07db33e81dbe9fc620e0d2205f22a81e19386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 475
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:15:57 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 invisible.js Show response
sharemods.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 3901 28 KB
12 KB 74ms
74ms Script
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680321600
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22823302cb82d192855b9a834b6dedb26d10b121bba8e5e34f5c53b3ff91182b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSyXdnv%2BVPXwKWTPMmyg1GF%2F1fZWbShFEFrGAqNZ5PMoCO25h%2BDa5Vzd02a0JJ1HXlzc7LuMRltMtSBMWoch99RVdTaAcKR2G2FPlkbO%2Fy2ASu7cCvZ%2B6By%2Bl46OdcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b0e03906ce024a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 229ms
65ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15082559-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 04:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 645
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 01 Apr 2023 06:05:12 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
938 B 144ms
49ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 722796
x-guploader-uploadid: ADPycdtrZTrKGiW2qg9nHUZSVB6gihCFFQ8ehuPplkECuTw3LErgHfqeYBSF7SPJws7AqsesmRTDdLD_9dml6lFE31p11g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=am8XJ0C78Ull49J1vclVmBlFiiEdcVKtuuPll%2F0n6cgwvNAlAJ8VOckA30E89Z4ISqL2rqvef0gMn%2FqYfFhUG4xpci%2FizoW%2BaxJXGgrkMyHBHUG03SI7YmtYS6G0dt3C0wp8k89MjR9MukokYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b0e03910ef0d94b-HEL
expires: Thu, 23 Mar 2023 19:53:34 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 245ms
71ms Image
image/x-icon 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Apr 2023 18:03:05 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 145ms
51ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8721829685999105
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 722796
x-guploader-uploadid: ADPycdtrZTrKGiW2qg9nHUZSVB6gihCFFQ8ehuPplkECuTw3LErgHfqeYBSF7SPJws7AqsesmRTDdLD_9dml6lFE31p11g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJSzDjbF4NHl6PJ8FgI%2B8f8VWS85RULPK6l0X6swP%2FAP2K8FwxSPGvsil02R3C4t5%2FoCxfcNoYIUTt6NxD6ictmn6Cm4yDpG1ltgGfZFtloRjig5autB%2Bc2M3pJR6H%2FDiMrZYB2yxUb8dn6%2BsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b0e03910ef4d94b-HEL
expires: Thu, 23 Mar 2023 19:53:34 GMT

GET
H3 200 pica.js
sharemods.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 3901 7 KB
4 KB 74ms
74ms Other
application/javascript 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e506fe7b909cda38ab34dc7806d8bdc969a6e848703ce607e9240f99970483

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQNU8PFY6eiQU1zlCt8%2FL8TFYLUcXw4IuD8eLUGR8vUo%2B%2B2SpX0X1tMJjjcnYDgKM4KQlqZw4BeoWnBDpcSeK%2F8JSl%2FvEgPB7UfULVvBBaDvNUxokPPHkovNoqo%2B7I0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b0e0390eda524a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 570804_5m.jpg
cdnt.onnetwork.tv/poster/5/7/ 10 KB
11 KB 318ms
147ms Image
image/jpeg 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

c00fd1fce75f8aaf02c223b7140caf4b537e7c5660c7bba78a63d799baaf5cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Feb 2022 09:22:50 GMT
server: XO.webservantpro
etag: "6200e4ea-2995"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 10645
expires: Wed, 18 Oct 2023 04:15:57 GMT

GET
H2 200 570858_5m.jpg
cdnt.onnetwork.tv/poster/5/7/ 29 KB
30 KB 319ms
149ms Image
image/jpeg 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

43f7beebc22497f827ada6ee9c1f2e5b84264621a69bd47c9130709f3ce47f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Feb 2022 09:58:20 GMT
server: XO.webservantpro
etag: "6200ed3c-751e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 29982
expires: Wed, 18 Oct 2023 04:15:57 GMT

GET
H2 200 570832_1m.jpg
cdnt.onnetwork.tv/poster/5/7/ 21 KB
21 KB 392ms
222ms Image
image/jpeg 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

971ee47efa3517204e4cf69c23c891f00cb2da7e88fd3381e5b6e12ccbb113b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Feb 2022 09:41:25 GMT
server: XO.webservantpro
etag: "6200e945-542b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 21547
expires: Wed, 18 Oct 2023 04:15:57 GMT

GET
H2 200 570840_5m.jpg
cdnt.onnetwork.tv/poster/5/7/ 26 KB
26 KB 391ms
223ms Image
image/jpeg 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

c3eefd5595d59072bfa4e2fe0f26df33c1013b7eeb3f1176c0b411b14c14f8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Feb 2022 09:47:37 GMT
server: XO.webservantpro
etag: "6200eab9-6803"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 26627
expires: Wed, 18 Oct 2023 04:15:57 GMT

GET
H2 200 570814_5m.jpg
cdnt.onnetwork.tv/poster/5/7/ 21 KB
22 KB 391ms
223ms Image
image/jpeg 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

d174b44385b81158573717412867bdde8c1641dbb83e086f7794aa3789e023aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Feb 2022 09:30:47 GMT
server: XO.webservantpro
etag: "6200e6c7-55f8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 22008
expires: Wed, 18 Oct 2023 04:15:57 GMT

GET
H2 200 embed.php Show response
video.onnetwork.tv/ 3 KB
1 KB 92ms
91ms Script
text/javascript 5.135.105.236
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/embed.php?mid=NTcwODA0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDIsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwO0JSOzIwOzIwOzIwOzU2LDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1680322557394&cId=pid1680322557394&widget=808

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=808

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.135.105.236 Viens, France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-o.of.pl

Software

XO.webservant /

Resource Hash

50a488a03d39e68d48aa62facdce0659612e09d6857b5ab20e968a44d1d849c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 01 Apr 2023 04:15:57 GMT
last-modified: Sat, 01 Apr 2023 04:15:56 GMT
server: XO.webservant
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-type: text/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
content-length: 1319
expires: Sat, 01 Apr 2023 04:15:56 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 210ms
67ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sharemods.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 01 Apr 2023 04:15:57 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 262402
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 250ms
83ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 03:30:54 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 19:29:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2704
x-amz-server-side-encryption: AES256
etag: W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: bHknE672vh9uNSK5op8k5EkHSD7HrOwLK56qVgydf-1KbuPo6EQ6vQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 156ms
53ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230401

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbf11abca74e22acc16d6f72cb672a2abaa57cf0c32700ec02ebbec1129d9a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 896
x-jsd-version: 1.0.1663
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4564-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"630-Xi7Pp1x+seBSr+LUORVnHh1XRv0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrlNwS%2FFVQ1glDEW3DxN46TBl5Cb7tg95CUO3ZpZ0%2FltvBDo0T%2BDKzYzKrYiojK1GjAisk9WglD8CeNP5yATf6QDe9K1GDyazw2%2FkWsZCmEbwyOz10j%2BZzHJDuWzhVclSZq1Y6Af32oiOYoECj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b0e0392da9fd93f-HEL

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ 216 B
623 B 216ms
70ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

21c1e3378548c13aaea0882718015adc92c9b8a396aa8172fc097ba46989e782

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sharemods.com
date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=JbDo7nxNejREbm15TUdHZzRnMHQ3emlGUVA0b3pqUE9lL3lCM3kzZDVrbjE4V3cwQm5Yd3NVdUZOV1RabDlxQ0tKRStXY3llbWYrV2hpbW1hY0FIajlzendiS2lTdSs1QW9reHlQWmFUdkRTWUFxYmlUZk9jTERtQUJmRF...

408 B
550 B

206ms
67ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JbDo7nxNejREbm15TUdHZzRnMHQ3emlGUVA0b3pqUE9lL3lCM3kzZDVrbjE4V3cwQm5Yd3NVdUZOV1RabDlxQ0tKRStXY3llbWYrV2hpbW1hY0FIajlzendiS2lTdSs1QW9reHlQWmFUdkRTWUFxYmlUZk9jTERtQUJmRFBRMDJZSjhRK0hEYkFZRHFRMlFGcTl2K0prUW9rV21oTFZOZnl2cFh4bUEyUUgxZTdDK2pHOEUvcDl0bE1VNC9YT2RLcm0yR2hYUE50Zkx4S21PenJaUVBxV1Z6NHlTdDU5Z2JSWk1zUDBqaG5RVWpxRU9zPXw&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1001142d54c8f05d4af1e0386f0892f185c9a6a91686c8a844a46f0260dd3baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 631031
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=JbDo7nxNejREbm15TUdHZzRnMHQ3emlGUVA0b3pqUE9lL3lCM3kzZDVrbjE4V3cwQm5Yd3NVdUZOV1RabDlxQ0tKRStXY3llbWYrV2hpbW1hY0FIajlzendiS2lTdSs1QW9reHlQWmFUdkRTWUFxYmlUZk9jTERtQUJmRFBRMDJZSjhRK0hEYkFZRHFRMlFGcTl2K0prUW9rV21oTFZOZnl2cFh4bUEyUUgxZTdDK2pHOEUvcDl0bE1VNC9YT2RLcm0yR2hYUE50Zkx4S21PenJaUVBxV1Z6NHlTdDU5Z2JSWk1zUDBqaG5RVWpxRU9zPXw&cppv=2
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 286707
content-length: 0
expires: 0

POST
H3 200 7b0e03898fb72da0 Show response
sharemods.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 3901 2 B
639 B 93ms
90ms XHR
text/plain 172.67.73.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sharemods.com/cdn-cgi/challenge-platform/h/b/cv/result/7b0e03898fb72da0
Requested by: Host: sharemods.com
URL: https://sharemods.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680321600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iksKFGMT%2Fa9NwMPtBLdORtFo1cZd5m4h0hzFCl8A5PnekJOfqxExd4NQ4JbsK34891CxnkIqq%2Fh4%2BiZcnGsKW2OYb8Z8FZSb4dNdWcwcqPkGyTsJtVYzXGMNDb0N%2Bjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7b0e0393ba4724a1-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 283ms
178ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 0276c38bdce11b6761cc269e4ad45e261b186650699db6a481c7df95173d04e9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 285ms
180ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=g6nBr3Tbj&w=5737349457641472&o=5646025299591168&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&sid=1QTFgtae6p&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 01 Apr 2023 04:15:58 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
548 B 185ms
90ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuvdglZq5QI69wo5dTiFjWZMt0BrLsd9eiG55RdvHVOmIDTzs0pqFcluvZMZr9YarQ1rfSSCcV6e84ToFduJetHZtGrMxlM1UtVNt0%2BKdwia1NVdBo55OcI6EPfLwOpyMj%2FkTOiWpbvB"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b0e03945bbbd963-HEL
content-length: 42
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 250 B
513 B 256ms
163ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 216091a0608d0334cd2eaadadb46645f75dcfd314885e103f60b0f5b51200702

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.234.0-3-gde6ed827
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veeoPymvnBfgpl2OeVyahkbz2vR9EVfWHyhB2MbBV0DbIxNGQOaDlMXNVr70FZjdJ2RwbrBElY6RpSvVR2vW20szms3u0ZD0do7Z4rP%2BZpr45qfYRVxAY4pwIbuZDwazxaiHChehRMBy"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b0e03945bbcd963-HEL
expires: 0

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 21 KB
21 KB 270ms
115ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e7dfe0ab6f09b2b9903d76f2c8e7a7cb6ab19ca90defc5c7bb44f270a3671625

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sharemods.com
date: Sat, 01 Apr 2023 04:15:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 361 B
1 KB 211ms
68ms XHR
application/json 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2a25fe0743cd802ae1b35266a1ec1736e6ce2aae67b822ad2e8ac2832f7f5fdc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:15:58 GMT
AN-X-Request-Uuid: 56ccf3e9-f43e-4469-b97f-1b5164b86999
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.212.149.205; 185.212.149.205; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 261ms
88ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=86525574763

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 507 B
2 KB 330ms
64ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1969856&size_id=2%3B15%3B15&alt_size_ids=55%2C57%3B2%2C16%2C57%3B2%2C16%2C57&rp_schain=1.0,1!setupad.com,125,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&tk_flint=pbjs_lite_v6.6.0&x_source.tid=9c35b1b5-bc66-4d85-ad1f-6990688b0ae1%3B299c51b5-11e0-4670-bf32-ef5303213e99%3B8e8c5004-c943-4240-b555-90d0bd4c61ae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.5309157556052824
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f64df84e5c8da743bd56b80f7cdf4a57e4db038d956599772a1aebd8809e3a39

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sharemods.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
219 B 223ms
72ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Sat, 01 Apr 2023 04:15:57 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 211ms
68ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sharemods.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 536 B
884 B 250ms
91ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&PublisherDomain=https%3A%2F%2Fsharemods.com

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d839b841c67d8432f1b57fb2b269880d348c354b70a6064a397334f065a108ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:57 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 536
expires: 0

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
184 B 430ms
135ms XHR
text/plain 198.148.27.133
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sharemods.com
access-control-expose-headers: Access-Control-Allow-Origin
date: Sat, 01 Apr 2023 04:15:57 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
server: envoy
x-no-bid-reason: Passback by decision

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 25 KB
6 KB 448ms
211ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 4b11306ab255ad6e7c8caa7a38f95779ff9bf509d855f60efbe440ce9d162627

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sharemods.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 23 KB
5 KB 367ms
130ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d0edf1927135c047b8d8ebbe9f7b3cc8259b3dd8dbcd9ecb859a4cca51bd99ed

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sharemods.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 23 KB
5 KB 370ms
133ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 96b6699e3a973ab510829695cb2d20e3b53134910e5e3d692140b4d42dd70be0

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sharemods.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 213ms
71ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sharemods.com
date: Sat, 01 Apr 2023 04:15:58 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 281ms
131ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: ffbfb8cd84ca1d7f023db4a5680fc2a20f4500c8929d5aca864bb37d9773d7df

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:15:58 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1836
Expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 78ms
78ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1906712210&t=pageview&_s=1&dl=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&ul=en-us&de=UTF-8&dt=Download%20xw30%20zip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1714397462&gjid=1843311092&cid=787666057.1680322558&tid=UA-15082559-23&_gid=372308589.1680322558&_r=1&gtm=457e33t0&jsscut=1&z=644291796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.min.js Show response
cdn.onnetwork.tv/js/player90/ 74 KB
24 KB 151ms
149ms Script
application/javascript 87.98.236.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1680164833

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?mid=NTcwODA0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDIsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwO0JSOzIwOzIwOzIwOzU2LDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1680322557394&cId=pid1680322557394&widget=808

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),

Reverse DNS

vh11c.eris-w26.of.pl

Software

XO.webservantpro /

Resource Hash

5337d6c375e6696b884f8160c13d6d9901edc24556613410fe5f25da0e14d294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sharemods.com/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sat, 01 Apr 2023 04:15:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 08:27:13 GMT
server: XO.webservantpro
etag: W/"642547e1-1266c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Wed, 18 Oct 2023 04:15:58 GMT

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
331 B 76ms
74ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1680322558064&d=9784&wsc=00&typ=embed&mobile=0&c=43
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
last-modified: Saturday, 01-Apr-2023 04:15:58 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 76ms
76ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 008161c189e893c7422b3220bdcccd7ce8709a55fff6d6fa17dbc572040c6c9b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 02:22:07 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 6831
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://sharemods.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3606
x-amz-cf-id: v4zMQOWOVOCOnxisrEMeMuB36zSJFB5q-QfCKKu2rMycDIX4vCeP4w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 304ms
104ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&pid=eE3WgBmNOSsHU&cb=0&ws=1600x1200&v=23.320.1710&t=500&slots=%5B%7B%22sd%22%3A%22sharemods_com_980x250%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22980x200%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_980x250%22%7D%2C%7B%22sd%22%3A%22sharemods_com_970x250_2%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22980x200%22%2C%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_970x250_2%22%7D%2C%7B%22sd%22%3A%22sharemods_com_970x250_3%22%2C%22s%22%3A%5B%22970x250%22%2C%22980x200%22%2C%22728x90%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_970x250_3%22%7D%5D&schain=1.0%2C1!setupad.com%2C125%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: T98ABNCZN64WNDC02Z6C
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2CSa0JC-stt88JSVGmAYEsDCFY22pikftE2q-ttLHQNSlVXooJYhBw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 209ms
70ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: JWp1qp7MFzulJHtnMcdn8BBX506LKUt8
content-encoding: gzip
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 00:58:14 GMT
x-amz-cf-pop: FRA56-P6
age: 11866
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 28 Mar 2023 02:10:35 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Hy6LJtkFQ6eTpKElfdbmDyz29VPSUPJBoxb8kI8ebICJ40GroqjvoQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 242ms
75ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15082559-23&cid=787666057.1680322558&jid=1714397462&gjid=1843311092&_gid=372308589.1680322558&_u=YEBAAUAAAAAAACAAI~&z=336964928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Apr 2023 04:15:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 310ms
148ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Sat, 01 Apr 2023 04:30:58 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 235ms
73ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 01 Apr 2023 04:30:58 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 37 KB
11 KB 228ms
77ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:55:10 GMT
content-encoding: gzip
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 69649
x-amz-server-side-encryption: AES256
etag: W/"4c91450a102f312a8d75826eeee52ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: vEJ2AFCi7egKLxosWHnYJk-xwztLWaDDXP8u49DouzPFqBmRwxYc7w==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 173ms
56ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&ref=&_it=amazon&partner_id=533
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
x-amz-request-id: TC79M2Z6K8CHZ574
age: 6093
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b0e03957d74d93b-HEL
x-amz-id-2: Kac3LdLD60402QhGAMsNfl1dyJGNmd3jZb9Ku+WI2wbja+a3HmAUuuOmxCphKEWPvDJAeuBLf64=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 165ms
49ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 13:19:47 GMT
server: cloudflare
x-amz-request-id: A9TG20N94BV44BVN
age: 2413
etag: W/"8aee2c14f819a80ea38a4ce5f70b364a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b0e03956a0dd912-HEL
x-amz-id-2: jntlF3FUNcUaW6x/LiILXjNIeInpIdPtXSNw4pHboc6SZeOe9t+vEhdf77PtejkwWshekLbRUWg=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
454 B 154ms
152ms XHR
text/plain 3.211.25.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.25.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-25-228.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 01 Apr 2023 04:15:58 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 475ms
153ms Preflight 3.211.25.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.25.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-25-228.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sharemods.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 01 Apr 2023 04:15:58 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 234ms
67ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 01 Apr 2023 04:15:57 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 272813
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
331 B 75ms
75ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1680322558232&d=9784&wsc=00&typ=embed&mobile=0&c=40
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
last-modified: Saturday, 01-Apr-2023 04:15:58 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 47 B
181 B 166ms
165ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=sharemods.com&url=https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52d55741e1de8af5ee31084ae7dfe53b1ee4148ccfae0fcccfe67affdd40773

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://sharemods.com
cache-control: public,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
cf-ray: 7b0e03982ebefe2c-HEL
content-length: 47

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 347ms
225ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=sharemods.com&url=https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sharemods.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7b0e0396bc0efe2c-HEL
content-length: 0
content-type: application/json
date: Sat, 01 Apr 2023 04:15:58 GMT
debug: OPTIONS block
expires: Sun, 31 Mar 2024 04:15:58 GMT
server: cloudflare

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 271ms
85ms XHR
application/json 52.18.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.27.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-27-55.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3fc0be460ee74b5c2ba429daec34048b06bb869085dd78f3d80e8da03596762c

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sharemods.com
cache-control: no-cache
x-server: 10.45.31.11
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
531 B 260ms
80ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=sharemods.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 250ms
80ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sharemods.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
13 KB 480ms
480ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2083826857379880&correlator=872993739924619&eid=31068367&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fifs&iu_parts=147246189%3A21696195204%2Csharemods.com_970x250_2%2Csharemods.com_980x250%2Csharemods.com_970x250_3%2Csharemods.com_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%7C728x90%7C980x200%7C336x280%7C300x250%2C970x250%7C728x90%7C970x90%7C980x200%7C980x250%2C970x250%7C728x90%7C980x200%7C336x280%7C300x250%2C1x1&ifi=1&adks=605329121%2C3771485005%2C1413971331%2C3462287164&didk=122412821~587753367~122412822~2009814026&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.16%26hb_adid%3D5245294476c9e44%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.16%26hb_adid%3D51b592a06c57455%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.16%26hb_adid%3D531b3a71d703db%26hb_bidder%3Dpubmatic%7C&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1680322558569&lmt=1680322558&dlt=1680322556733&idt=1001&adxs=315%2C220%2C315%2C-9&adys=567%2C339%2C649%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&frm=20&vis=1&psz=970x0%7C1160x0%7C970x0%7C0x-1&msz=970x0%7C1160x0%7C970x0%7C0x-1&fws=4%2C4%2C4%2C2&ohw=1600%2C1600%2C1600%2C0&ga_vid=787666057.1680322558&ga_sid=1680322559&ga_hid=1906712210&ga_fc=true&cbidsp=CpQECAEyBnY2LjYuMBIdCglhZGZvcm1TMlNSCWFkZm9ybVMyUxCLAiACOAISHwoKcnViaWNvblMyU1IKcnViaWNvblMyUxCMAiACOAISbgoIcHVibWF0aWNSCHB1Ym1hdGljENoCGlMKDzUyNDUyOTQ0NzZjOWU0NBDU5wkaA0VVUiIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfZm9ybWF0KAE6BgisAhD6ASABEhkKCGFwcG5leHVzUghhcHBuZXh1cxDXASACEhUKBmNyaXRlb1IGY3JpdGVvEI4CIAISFwoHcnViaWNvblIHcnViaWNvbhDRAiACEhUKBm9uZXRhZ1IGb25ldGFnENYBIAISGwoJYWR5b3VsaWtlUglhZHlvdWxpa2UQggIgAhIdCgpwdWxzZXBvaW50UgpwdWxzZXBvaW50ELMDIAISTQoNc21hcnRhZHNlcnZlclINc21hcnRhZHNlcnZlchDzAhooCg81NDE2NTA2MDkwODZmNDcQv5gIQMLRCRoDRVVSKAE6BgisAhD6ASABEhkKCHJ0YmhvdXNlUghydGJob3VzZRDaASACEh0KCmx1cG9ubWVkaWFSCmx1cG9ubWVkaWEQnQIgAhgCIiQyOTljNTFiNS0xMWUwLTQ2NzAtYmYzMi1lZjUzMDMyMTNlOTkqBAgDIABKAED6AQ..~CpIECAEyBnY2LjYuMBIdCglhZGZvcm1TMlNSCWFkZm9ybVMyUxCLAiACOAISHwoKcnViaWNvblMyU1IKcnViaWNvblMyUxCLAiACOAISbQoIcHVibWF0aWNSCHB1Ym1hdGljENkCGlIKDzUxYjU5MmEwNmM1NzQ1NRDU5wkaA0VVUiIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfZm9ybWF0KAE6BQjKBxBaIAESGQoIYXBwbmV4dXNSCGFwcG5leHVzENcBIAISFQoGY3JpdGVvUgZjcml0ZW8QjgIgAhIXCgdydWJpY29uUgdydWJpY29uENECIAISFQoGb25ldGFnUgZvbmV0YWcQ1gEgAhIbCglhZHlvdWxpa2VSCWFkeW91bGlrZRCCAiACEh0KCnB1bHNlcG9pbnRSCnB1bHNlcG9pbnQQswMgAhJMCg1zbWFydGFkc2VydmVyUg1zbWFydGFkc2VydmVyEOoDGicKDzU2NGM1NTNlNWM2ODAwZhCo-QhAtsMKGgNFVVIoAToFCMoHEFogARIZCghydGJob3VzZVIIcnRiaG91c2UQ2QEgAhIdCgpsdXBvbm1lZGlhUgpsdXBvbm1lZGlhEJ0CIAIYAiIkOWMzNWIxYjUtYmM2Ni00ZDg1LWFkMWYtNjk5MDY4OGIwYWUxKgQIAyAASgBA-gE.~CuYDCAEyBnY2LjYuMBIfCgpydWJpY29uUzJTUgpydWJpY29uUzJTEIwCIAI4AhJtCghwdWJtYXRpY1IIcHVibWF0aWMQ2wIaUgoONTMxYjNhNzFkNzAzZGIQ1OcJGgNFVVIiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCgBOgYIrAIQ-gEgARIZCghhcHBuZXh1c1IIYXBwbmV4dXMQ1wEgAhIVCgZjcml0ZW9SBmNyaXRlbxCOAiACEhcKB3J1Ymljb25SB3J1Ymljb24Q0QIgAhIPCgNhbXhSA2FteBDjASACEhUKBm9uZXRhZ1IGb25ldGFnENYBIAISGwoJYWR5b3VsaWtlUglhZHlvdWxpa2UQggIgAhJNCg1zbWFydGFkc2VydmVyUg1zbWFydGFkc2VydmVyEPUCGigKDzU1YzMzZGIxOWNhZjRjZBDRrwdAlNYIGgNFVVIoAToGCKwCEPoBIAESGQoIcnRiaG91c2VSCHJ0YmhvdXNlENoBIAISHQoKbHVwb25tZWRpYVIKbHVwb25tZWRpYRCdAiACGAIiJDhlOGM1MDA0LWM5NDMtNDI0MC1iNTU1LTkwZDBiZDRjNjFhZSoECAMgAEoAQPoB~

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d3408c434b8ef6e65da5e10bf340e78161fece1e14e41475527e07f9f4647bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12796
x-xss-protection: 0
google-lineitem-id: 323972309,323972309,323972309,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303033275,138303033650,138303033644,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 253ms
87ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09c5f785dfe6d5dc51053557c8a9f51d0464f8d13a028aa6808b02fe248f3521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11265
x-xss-protection: 0

GET
H2 200 container.html Show response
3fbb2638b8924c5cacad8808a84c61ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A424 6 KB
3 KB 265ms
79ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3fbb2638b8924c5cacad8808a84c61ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 04:15:58 GMT
expires: Sun, 31 Mar 2024 04:15:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/ 33 KB
12 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea7f035b47da981f01e9f8291473c0aa416f7d24ee8f530b7d702e8545f3c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 14:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50847
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11869
x-xss-protection: 0
server: cafe
etag: 3343871760691556743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Mar 2024 14:08:31 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 272ms
135ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 04:15:58 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 201ms
201ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:58 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Sat, 01 Apr 2023 04:30:58 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
395 B 245ms
66ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://sharemods.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Sat, 01 Apr 2023 04:45:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 248ms
82ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 04:15:59 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CDB9 15 KB
6 KB 73ms
72ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 04:15:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 456945
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 270ms
136ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 04:15:59 GMT

GET
H2 200 533 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 193ms
86ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33971d482ae91584a3ba003f93c414ef027b16400187bff97b5df45de853e867

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 04:14:32 GMT
server: cloudflare
age: 87
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7b0e0399d8b4d92e-HEL

GET
H2

200

sid Show response
mug.criteo.com/ Frame CDB9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=ChromeSyncframe&so=3&topUrl=sharemods.com&bundle=TqXhDF80U2dVdTk1MHdQJTJCUDZYbmxZV0N5MmNaclBxM211QUpTV0l4dmZRNUU0YkxGa1pE...
https://mug.criteo.com/sid?cpp=bGidGnxXK050Y1FRb3FEUEVjVzU3aEFvbWFLeXFHTUR5OFRQYUxuTUtraDBNWVpoV3F0Q2VDNCs5OEZUbEpCcGgwTXBrbmc1dG9ueGhrNGFIYlMwU0pZTmt4U1Z1RVFFWGY5NWowanZkMFdUbjBZeTM5NkNiQjFlamc0dF...

433 B
651 B

70ms
69ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bGidGnxXK050Y1FRb3FEUEVjVzU3aEFvbWFLeXFHTUR5OFRQYUxuTUtraDBNWVpoV3F0Q2VDNCs5OEZUbEpCcGgwTXBrbmc1dG9ueGhrNGFIYlMwU0pZTmt4U1Z1RVFFWGY5NWowanZkMFdUbjBZeTM5NkNiQjFlamc0dFB0aEQ5cVlibnVNSmtiMU55cTdWcDIzQ1htUEhSZWMxQkZUZVpJQlhGOGIrazBXakZmZU5ONDNyaVRkOERPYzU2a00vQTlobjJTbG1FdzQ2LzFXWVAxSzVKMkdXM2EzbWkrL2llTFl6R2lnZXowZDBxZmVrY1VnaVlaQmJqWVhoMUJDcnc0SXpZRFVpNFp3VEJmM2RKajJGUTIzay9iNlkrN016eDEzSkFVSjhLWXU0R2dsQT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff2ae6650c1218c3a28c967120661bfa3f79ca48b283cf86ac625a95f5cde65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1310411
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=bGidGnxXK050Y1FRb3FEUEVjVzU3aEFvbWFLeXFHTUR5OFRQYUxuTUtraDBNWVpoV3F0Q2VDNCs5OEZUbEpCcGgwTXBrbmc1dG9ueGhrNGFIYlMwU0pZTmt4U1Z1RVFFWGY5NWowanZkMFdUbjBZeTM5NkNiQjFlamc0dFB0aEQ5cVlibnVNSmtiMU55cTdWcDIzQ1htUEhSZWMxQkZUZVpJQlhGOGIrazBXakZmZU5ONDNyaVRkOERPYzU2a00vQTlobjJTbG1FdzQ2LzFXWVAxSzVKMkdXM2EzbWkrL2llTFl6R2lnZXowZDBxZmVrY1VnaVlaQmJqWVhoMUJDcnc0SXpZRFVpNFp3VEJmM2RKajJGUTIzay9iNlkrN016eDEzSkFVSjhLWXU0R2dsQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 361908
content-length: 0
expires: 0

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 157ms
47ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 03:25:56 GMT
via: 1.1 google
age: 3003
x-guploader-uploadid: ADPycdtwM5nv7FYSg0oynEWFku-7V16f1puFUc7AlBkfuDHd2FX_X7KVH4DadOhut9Xfi4CvHl0Tsi9vtftMTYxFpqApLg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Sat, 01 Apr 2023 04:25:56 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 79ms
77ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:55:10 GMT
content-encoding: gzip
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 69650
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 2t0PO9AjUNZMX2mBYLnapUBTM8JTxeBhXUKVjJOGyWP39ggVjpVr-g==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 241ms
72ms Script
text/javascript 2600:9000:2250:8600:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 04:34:35 GMT
Via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 85285
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: uSFqHL6IKbyk61a7PmZia9at3Ksl3ZlL_KiQVI1K7uYwEaqpvAkZcQ==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 163ms
49ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:05:11 GMT
content-encoding: gzip
age: 875448
x-guploader-uploadid: ADPycds9FQDUvgWNQk1ynX1-SZRIy1o-8gR2cs-DdkJR0kiy1xijlgQ8EyEQrme5Zk8XcXySFlGNsraQsHPdCMU-BGt-wg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 21 Mar 2024 01:05:11 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 53ms
51ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 13:19:47 GMT
server: cloudflare
x-amz-request-id: 7KJ48B9SN91HD1JK
age: 2433
etag: W/"c248fe2e1769ec0b3fd66c9a48efe1d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b0e039a9c7ed912-HEL
x-amz-id-2: nj2+3Um7WDCyUVny72xAyaFbPTo16neMteXJdQAvxpI+JJJgJJzd6Ik7wv0Fk1jBtJqeB6RYvyY=

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 125ms
76ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27666
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7020-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shlbzBoTh9XoJ4agkbLUVz4ScekOds3eAe7PBdiGE2Ud9u1HbQSnp2A5UXkbW%2B9QezvLlcv%2BvNZ58z%2ByWlh1uAv15U%2Bg3cvNi8%2FvFBGM82qa54eRgljmCgZ36biYM7S25aA%2FS%2Bnci%2BXPDnPSLbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b0e039ad96fd922-HEL

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6BCC 0
0 109ms
109ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkFecWqNuNlMBL6Jww4QHUIPp4dBi39twgyTZiaHIuStUPtVQuB6apVHGxYD5g5M_YPlFcoB4oUw86abHDCZS9KtOfZ6FtOY68N_uifnRzAdKg5f5CKLCLkAXi8Aqz6yk_tmc69dW65Z9-6JuiLMgZPQwbxD8h6xjLs8tTbUsw3Iv1UCMZO802NYZcOdiD1ZayOgqqVZ2lZ_N4MK7lkJtlHpCo2vn8BU7BtEettEMoaFVtmLDOhEpeh2-BSfcPjhTj9pq3tGttFMP36iOOrBSl7wOCD1KpUBGQFbJ7fnCgKW9LlwT2v3rmiLpbNIiugjmqDF73vmxtY1IEOpHB&sai=AMfl-YR3vq9T2PDMXeoncfi1L7Xrnx11Uss5FjmnkgUTL5OUGWyT0KJgcgX9tKJ8lNfs2fC5vbB0WFsWGmOV9CGeJXBKbVmor27ES3UpvmtHmUXcuZNVQEonXD8FytPfHrVs0S4yTP6W2jF196y5SpA&sig=Cg0ArKJSzPxyPyIDJj_XEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:15:59 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
209 B 212ms
67ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

AdDisplayTrackerServlet Show response
eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-h... Frame 0982
Redirect Chain

https://eu.sportradarserving.com/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh...
https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGL...

11 KB
6 KB

80ms
80ms

Document
text/html

3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c73a963bb19a3a2029c43c1f083559b4f64616ae2b2ba25a37203189f6ef4e1b

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3533
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Apr 2023 04:15:59 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 01 Apr 2023 04:15:59 GMT
Location: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9A43 39 KB
14 KB 319ms
143ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=162645
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Sat, 01 Apr 2023 04:15:59 GMT
expires: Mon, 03 Apr 2023 01:26:44 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame 500A 0
91 B 239ms
71ms Document
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=607817&adId=2302824&imprId=6F80242A-665F-412F-AD5C-E46B5D8DA606&cksum=C3F90A591484CC4&adType=10&adServerId=243&kefact=0.207410&kaxefact=0.207410&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1680322558&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.296300&dcId=3&tldId=0&passback=0&svr=BID22630U&adsver=_2358017921&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=_q8nZDu6AwAAyWL93dB6X_0zLAFubCmwacCS8SQnKD5U6HSY&ekaxefact=_q8nZEy6AwCkT6N9rB1aOt9Uds_owuu8MFrn98PC4u92fsVP&ekpbmtpfact=_q8nZFq6AwAgf44CcfxPrf7cblFPnvwLi774p6yaDO2ndP5T&enpp=_q8nZGe6AwDmRHNYqJYljkQqnTpfTPecFH0mXKvqGtmmHINe&pfi=1&domId=14563580174443524020&dc=AMS&pubBuyId=25621&crID=409_67399&lpu=rizk.com&ucrid=4161784135904097045&campaignId=16530&creativeId=0&pctr=0.000000&wDSPByrId=409&wDspId=466&wbId=0&wrId=0&wAdvID=1304196&wDspCampId=2854&isRTB=1&rtbId=01AE4145-7F82-4B25-A670-343848D5069A&ver=9&dateHr=2023040104&oid=6F80242A-665F-412F-AD5C-E46B5D8DA606&cntryId=72&domain=sharemods.com&sec=1&pAuSt=2&wops=5&sURL=sharemods.com&BrID=5
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 01 Apr 2023 04:15:59 GMT
expires: 0
pragma: no-cache

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BCC 158 KB
49 KB 250ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 04:15:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5287 0
0 109ms
108ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaEQIbVaRoNrSwfhoGvcf1zyWIkIhUezpuFfI_c5LixnDAv8mssyrDhW66peQwOO54_KNoDvQO8FV2l3XglHojS5-K1rLbAp0A9R9FYWkwmqppY45VMzJK6KKN9u8j7bqoYnYwYG177r72o3U6L29Fky6tQKHb2aJ7bW6il2WeUFH-Exm1GkWhH0jXEcMX1Kc2ByDz4KzWcD-KIeP0vbBzGwUXpK0hJWR6sve-f4tqiqRHP1Aj0PWfGBjnsby5y0GE5n_ZFKBe1IZw5AnAiVhHQiUfI0UKSw6UXW1xBRbw6O13IHxoRicCDTbDRE1W_D100mzbM1NhynXPjA&sai=AMfl-YQvwl7QYCBmjTGk7uxM_4DDuHT-XrU8YZUWPq_DVw2jTLvtT_ei4uyjlljGzkZP-xq35d1iilsXpNiGa1p87HwCVZ51fQHXTmvwD8Lwq5R_iCR7RH9Rpx6rRbSHdgQSw9CBCD7dve5iY16V4MM&sig=Cg0ArKJSzDKYrUKAa0G-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:15:59 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
208 B 198ms
67ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

AdDisplayTrackerServlet Show response
eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwc... Frame 8139
Redirect Chain

https://eu.sportradarserving.com/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXb...
https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUO...

11 KB
6 KB

70ms
69ms

Document
text/html

3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a49fdaae52d1d7c7c807e568eb85ddc874b207a267f077b28b4e1cc00918ac58

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3529
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Apr 2023 04:15:59 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 01 Apr 2023 04:15:59 GMT
Location: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1C8E 39 KB
14 KB 322ms
160ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=162645
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Sat, 01 Apr 2023 04:15:59 GMT
expires: Mon, 03 Apr 2023 01:26:44 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame D8B3 0
49 B 226ms
72ms Document
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=607817&adId=2302824&imprId=4674E228-BBC5-4821-ACED-FB768EA12D76&cksum=FB1FBCA1397DD5B5&adType=10&adServerId=243&kefact=0.207200&kaxefact=0.207200&kadNetFrequecy=0&kadwidth=970&kadheight=90&kadsizeid=33&kltstamp=1680322485&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.296000&dcId=3&tldId=0&passback=0&svr=BID22498U&adsver=_2358017921&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=ta8nZFgqDADDhJJyOCjXn8gAovkQVLRuDip7yZHmrtxhevQI&ekaxefact=ta8nZGwqDAAIp50N1NFY8o7GC6idqTIdk34hXFZVsk-t2zM5&ekpbmtpfact=ta8nZH0qDAB8gR0NMj8jWGsFIJNl0pKs6teVpHwUfFlOf8F-&enpp=ta8nZI0qDADIWsWqZ5GlsPbXBOvWhEssldarmwWVfovuy80c&pfi=1&domId=14563580174443524020&dc=AMS&pubBuyId=25621&crID=409_67405&lpu=rizk.com&ucrid=17312306308235595004&campaignId=16530&creativeId=0&pctr=0.000000&wDSPByrId=409&wDspId=466&wbId=0&wrId=0&wAdvID=1304196&wDspCampId=2854&isRTB=1&rtbId=20A811BA-39DF-4027-8FEB-961155F24CF6&ver=7&dateHr=2023040104&oid=4674E228-BBC5-4821-ACED-FB768EA12D76&cntryId=72&domain=sharemods.com&sec=1&pAuSt=2&wops=5&sURL=sharemods.com&BrID=5
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 01 Apr 2023 04:15:58 GMT
expires: 0
pragma: no-cache

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5287 158 KB
49 KB 341ms
189ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 04:15:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B3F 0
0 107ms
106ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshRH8X2B5pPTwe-MpbWwxBF2vnWzLaefhlXn6L9CF5sUOK-quIAMHkLjInp49OffhNQs7B-wOEgBJYH5utU4jPXGOQAUWCVjnUPs7IyGxONlKwqgdF0co7j9xcq11lKmi83bbcJR9kfLEYtr1QMyfQBVJQM0phFCql00jsL6xeckKOPQfnp9hkiVClLusxWuDWRI3ps4QcMvwqlyE-3JkZpXJ2NBjufzs_wGio_tUuGs2cK28aucyJ41PcoxnpfbDdkG0i_6vDTzdWQQU-mbvwHlphRw4Tf-ybK9JfAcMrS3AneDbUGRC6f4WW6yTAxZXeelbAlIYg095ipynS&sai=AMfl-YSRW7VQBL75UxNUVIiMtbd1q0422u0aiTakHqNRrgXSThJRDprshkEj9DDoaOaoT9c-6fOP1qK5BMBGquD6PoC5dn2k8wb1TRb1FXNjQS6DAeGlewH77m5GUJvr5CAUWWWIfqfTxtZ-JCQEWfk&sig=Cg0ArKJSzB12EvQekoUnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:15:59 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
208 B 186ms
68ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

AdDisplayTrackerServlet Show response
eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw... Frame 41AD
Redirect Chain

https://eu.sportradarserving.com/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaC...
https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fV...

11 KB
6 KB

70ms
70ms

Document
text/html

3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 32b32f359fcd2390e58be51e389c58c6236bb2df83b4b981e9648fb9ed90b886

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3527
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Apr 2023 04:15:59 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 01 Apr 2023 04:15:59 GMT
Location: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CC81 39 KB
14 KB 223ms
74ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=162645
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Sat, 01 Apr 2023 04:15:59 GMT
expires: Mon, 03 Apr 2023 01:26:44 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame 6708 0
49 B 211ms
71ms Document
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=607817&adId=2302824&imprId=26CB4E54-EE08-4D5A-AAA7-82E0A2D5219A&cksum=B383CD12FA3D258F&adType=10&adServerId=243&kefact=0.207200&kaxefact=0.207200&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1680322558&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.296000&dcId=3&tldId=0&passback=0&svr=BID22353U&adsver=_2358017921&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=_q8nZO3zAwBHqeDp6_ld2nzOlLdJcs7BQ61ViL79rD9Cars_&ekaxefact=_q8nZPjzAwAPP4V46OloGDAGBj42131mwO_EPyjOV5rbjjZP&ekpbmtpfact=_q8nZAH0AwBE-nXkduYZGgltbxH_m6qkeVZZMvPvxQuOGp4O&enpp=_q8nZAv0AwAcTKigfgODjbLZZdNQCzXwKBTznW7N-7ugiDJi&pfi=1&domId=14563580174443524020&dc=AMS&pubBuyId=25621&crID=409_67399&lpu=rizk.com&ucrid=4161784135904097045&campaignId=16530&creativeId=0&pctr=0.000000&wDSPByrId=409&wDspId=466&wbId=0&wrId=0&wAdvID=1304196&wDspCampId=2854&isRTB=1&rtbId=8077F477-F84A-4612-8BD4-B368C3B46F36&ver=9&dateHr=2023040104&oid=26CB4E54-EE08-4D5A-AAA7-82E0A2D5219A&cntryId=72&domain=sharemods.com&sec=1&pAuSt=2&wops=5&sURL=sharemods.com&BrID=5
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 01 Apr 2023 04:15:58 GMT
expires: 0
pragma: no-cache

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B3F 158 KB
49 KB 349ms
210ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 04:15:59 GMT

GET
H/1.1 200
OK /
ghent-aws-fr.bidswitch.net/imp/0.296300/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BhtrCVLLBN1lgCFYScU13jPiR__xm48zD54kL5nBrtx1xd5mg__TyUsCjDFAhXDH__2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAw... Frame 6BCC 43 B
733 B 286ms
71ms Image
image/gif 3.123.60.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghent-aws-fr.bidswitch.net/imp/0.296300/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BhtrCVLLBN1lgCFYScU13jPiR__xm48zD54kL5nBrtx1xd5mg__TyUsCjDFAhXDH__2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ__biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc__I8YjKaD3-IPO7Sp1MEbm__rJTlN3r7pHh4Yd__PVZ7Eg7Zk2vQA-AKf__lsCgyBR-D8kRbZvZCbUB-__duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD__v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ__pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy__kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv__KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ__RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB__iFjJHm__HMqF6Oi__si4vLIhEiC__CyNg6qDDO0850__Qk0PdSrKmkHbT-o7y4IpZP__aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK__9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK__zQcdnr1VAZupSs6akLsq4lN0VAh4i5G__0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU__Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT__6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho__ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY_B_I_WAUCTION__PRICE_X_B/n38SGd9NwaE6WqxVCEn_FLXBqJEhFzkX3YV0VJimhk4dn049OjnjfVDqvrNfFRxlFr33uDFKGNBN5arWyFvltkI7IH8DjUcycJz0XDvcaJc2qOecoJR2XTVzAJNQMsaLkOGVWJo881pgOMieU7z_4SQy55sgORK52wysJD7EZFhzJYrB1id94EjgdZuck-aMkKf0ah0t8O_iy9UVdmPbhFmr_4a0SGwi0LwGdhQFiRAl6nG3rK1a1YFDms4dlu5Xt8xBRbnx-c6miS64suwgUINkkvZmvZ5KZF2ZOH42Xl5zG0bzRqX0Ef57Fkxu9BKvFq3GfheIrcgUQDbMMIrYqGdAxKUwsso1PVEpLia1r3hxNa_MOfBbVGyOqpct8bgACfuQJ1zJ-8ICMvB9fmBXywvsZp00ppBsC8cVGahT_PXUv972g5j8AJ7cRPdG6fTQ-oVFZDx690NaEpk2BB_ALIFlUcSnroRvM8unbEcNiIZQHDGuJpF9kdFj_cMHwuRw7nyvAnuxDxZktVbwb7CZn6-jrWsmKjvdiJyLdl1i4iqfyplW-AmHmZv62BApHLsJ6NgBoH2XmDt-58ucLss7Um1fjNzcLqBdKMcUy4NgTSVIeiI9i2Pp5NN9q9Z3idEHrI1eSVvQUbMWiCcQojwXZCnD1hO9fy8T_1ou6WZrnAk38PLCJEzc_CWoDk6aWBDabzqLTOUqsDAiNOVvrcmzNYtevOzatVRejRG9QaQdotHQirC-7OoOSIdmZQjNdpOTnWiniTa4VyzYKYMQrpdRoufa7Cn2L7SxoLg9jirr2gr7B_sdCdbX8VrkRsJqfsORsM4FFERcSrHcmFD6Pz1YVpb18PK0ZgkUGGS7RNMksQSofLXEZ-vYkdFaCQV1kceksXTfFa9JDlVk-ahempkGaYyBNr25h-1GEaC7-f9GH7jrPalsJccd3ARJQA0OtKLYhiSfkB4S_lWszP12ZNBBfxwD23y6ZyxiNpEaDOSvjWwpnQiMNFtDEsT5_DeAf4-YF17xoijBfWeQ-YJS4xYq0lvx-yAxPcBnSPQDEnu_Ee8c1dcnVW-L-DKGqAAgevprW91hJ9rWSaTrI-38B5H60H9J9G_2-1mZ2Wy4OynHVumKPzu6l7vu-DI5K3QB6gSIDRfKgf4p_IxIrQtXrd4_7v-w-i4-yIX-gobXAwjmk5ypZgMS_va0cAc28lzsrBZoANlKW9PpVlL7xRFlVUqLqQEocbZ8v_rS8Zd5Gq7UgBv9rp0/
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.60.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-60-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:15:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6BCC
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=pubmatic&dsp_id=409&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=pubmatic&dsp_id=409&imp=1
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
166 B

75ms
73ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 01 Apr 2023 04:16:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 01 Apr 2023 04:15:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK /
ghent-aws-fr.bidswitch.net/imp/0.296000/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_B5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCoo... Frame 5287 43 B
733 B 288ms
74ms Image
image/gif 3.123.60.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghent-aws-fr.bidswitch.net/imp/0.296000/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_B5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul__z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP__gG9DABQDgjymSHAgJV1QT__OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI__G1t1yhGlsIbPEFTrZu5CDIXvsvQ__M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5__ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP__cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-__CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV__99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi__Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ__KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60_B_I_WAUCTION__PRICE_X_B/uEtGmtA5_Y1fMUDYRqxcWyrMM9bNELkSVKlP7xJ6Nw2euL7b15vCGW_O0Eavw3R33yQ7AZ4mJGfGXLfJxuxZN9lk2bsxl_R3NHiTXbP4Y9VzhfcWmcfT085sp65Vi_HZiYJJXEnjkwA6m42xnbyGBO4-_YmS6OQ6fS_DxyLl2UXnWe7lpRlrSw6fKzUBMRCSCZNdhFNM9SHPTZAb_Kzi7OzhMJ9mQjaeZr-lvggdL2z4JjvIVa6jmjYp4bvRp2A5fXNrpbbKUOkROt9LDwwdidE3-En-VX-bXzxesCM0Q6EulhF2BoeE6Gnb1gd0lBoZFNJtcp5th5J-ZzUScl2TBixKa0cU-lJ4ZdkpGZTbqPtyVrH-mIMI_VvZarLXhDzcg2b_CnIp8KIrsy2HYWIiBGbFNbnKAXgobywMaQZ8D8xSLkURxb3M_681pWtcmqTS7-n54SAmRDPygsAn4HNSNtr3n9WBBOWLUaLgTZP6eiZiB20PSYldMsINj4fJE_d-EBALUUISGZqSBVlQ8aZf5vhilMNOPp4-QtyTguqEWXQZfKAw5x4JB8KSH8nMb-1fsV_XdcHw_94KOG2rbXp-GcFoSgFcbMTJgqKR3m0s-Wx8raSOdKgsz-iuVYVlxVjbFMBZ43-pksYSEyb0sBqhYo68Oi_Oeuw6UBa03Xt_KtvxbQzBE7AfJVjTk-oA2eSd3VUEAU1Ish_HAGIB6KZeSiD4jrnUxX1DDFuC7zUcqOQT91jnHtX_PDgYLi37_k9CtmM64D7DWFBfacrwTDoTkVZ2oksEFDrgxrdtk9GPC01bnV4RV3obgxkuvgktEOVs_x9qDeCBq1rNjeXT48AF6-JkgTrhXvmdHtLA1GKZ_j8WwsnECLTrUEoT_WegY2xIKtLyEhJEwvWvYr95JcEdcCf3ZPfllo9jTYlT7wL2uBXNbWV2NRvZcyQOgmoB6EwmqSYOhpCclKsmyPN156j_QSe9xyzzN_24tHBVUaSh5NzpauurDRchqpcu1BzEr5yYnYt1jF3Va7O1VILBH5iTCEobnjyV2SbnvtPriHu3ETPrDs67Zd2NMIioQqBDyOUna2tCeEMyKzYgOQZSE_amDIdX7Mlzru6SarIe3YeRLnI6QLbcukHxRTA7_zOvEdIIhy7uGvfnz3eSdvWZff_lyyB0nzWqSNixUJdCVyuZyxadJ8pjA_SzrW7FLQ69LnbsNfFEMUvcqHCtoPeisbKkeW2noYjG2E8KNhA7kjHTw9F8EFmy3_CRjixuyLTLJg/
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.60.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-60-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:15:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5287
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=pubmatic&dsp_id=409&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=pubmatic&dsp_id=409&imp=1
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
55 B

76ms
74ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 01 Apr 2023 04:16:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 01 Apr 2023 04:15:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK /
ghent-aws-fr.bidswitch.net/imp/0.296000/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BrUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss__3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc__3QOBGEIRENtdQEyYYb-OD4... Frame 7B3F 43 B
733 B 284ms
71ms Image
image/gif 3.123.60.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghent-aws-fr.bidswitch.net/imp/0.296000/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BrUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss__3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc__3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147__JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa__ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61__SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF__ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW__LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r__Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS__xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn__zfdap6bwJIDhjxKKLwRzGu6w__4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG__rLShHxHryj1vs__cLARLE__euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5__xtorVO-fs7H3aJEy7d4mmUONF4ysd__6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp__h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx__jz__mW-bnchxMB6Rojnw__Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u__kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD__wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ__0wKA9egZbLfcO__2zMQTllMGckj0xgs_B_I_WAUCTION__PRICE_X_B/PWxfvFIya2xzu0WNV49QGWmZA7TLfgLiJq9HgXbVHgPi2TnKnSYZiAfnS0jzjd4Hvif_fbWHf_bcRKbhNpNe4q0Dxitfr3whhQTwjE3LC-Ux6nb9AdfZygh-zoFeKJ65AAZ3kVeTrU030ojlGo0ythUis1POj5-KGJmyzaBRBezemhg5m5dJLJI2XnXw9Q9n9Veg7243cJvLQTp5X433F0gMgK40PWZMvzECc-LRHOaEWlXRK14D3sDZM0S07KD4XPGqD0ml-C3V71rt0ca3x6Afjp9C6Yw8W04aFjRqcqnoA4Zq3-mR48R3NGuiu38nE0OBbQWLRZk8Yxe67ahJbjEkoQK8CuazSsSsaU_MUJ0Vw8JWNwYTH8yW4D4hqEFjj8GbyEBeqMX-BqfXgaWi2_cSW6mjd2XeZNym8ILYNbBVms69ubgIEudplLage_Tmqykx-BKef5wGBLpbPvx4HVTHdKrjJFdLZ0ERbg60rvgy8foDeLmMigJ9BLpJPG0cdjZMm-wKSqINKydWaNQ1ArhIsSk8yMQpXN0u3IwPydMMrQ7j6ZdhwXSuPskVSa1WF7PfpGoyFAIPiu701Ho2bAVG8MhAg0-CKDRhHk62Aa-rI3t2I3qhzbhpI-ilQvb9QU53iNvrcxwVjnNDPWUM1DlCCUSULexG7qUVAzlk8rwIsiXbp_jh5nSyik3tDdB-8uCSlz_skU5RWCiFGVbMrqfaIHuBVBu_0qjig7Holy_VJPJGeSKSpUM0gPZC-wko4Baa8gZ3vs5wWcSglYnTaRHsTbYvVvihSBvL587d2GlzCYGQgM29RG6QJSD6xt5YMmz4lmigLDcl06FX6UkguuI3_XKpwNUqDfdYVRQphNld3z-JMyJFqiomsJA7ltr3QB7h_A8YuHL6fyR7KrYbQjMPogHa-Ni62LU8cPkTaIWwIjnbiQK0vF6l9RwKostMdgo3iojg7NPpqDeQsNyFxt7jpOz8HAtLVPka1UMaK7oB4vFefBmW9ooBD9hdIs9MG_q37PSeZf3fhvv4B44rz6oW3gCwWN_JHAr8f186fyWC-2KMdMTt1TrukKAAUvhdCo73ls_ZNavHDE_f3cpAm2izn3yrSMXmRAh4ncF1kDnZjJv4aHSicV4Wku9iuLHf7Iv48WVS7MSz4hkSLRcKl0_3h7yLsBtiF6svbRnqKs65Dr3mCdjy_KjTbI3iSxJlBcq7dLY9jlE1548uFTaThRr2VyVOPt948I885Df6HougzUU/
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.60.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-60-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:15:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7B3F
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=pubmatic&dsp_id=409&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=pubmatic&dsp_id=409&imp=1
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
55 B

75ms
73ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 01 Apr 2023 04:16:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 01 Apr 2023 04:15:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 197 KB
58 KB 73ms
72ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 18:23:24 GMT
server: Apache
etag: "31332-5eaee9adb933b-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 59461
expires: Sat, 01 Apr 2023 04:30:59 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FB2 13 KB
5 KB 72ms
71ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 41829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 16:38:50 GMT
expires: Sat, 30 Mar 2024 16:38:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1224 783 B
1 KB 237ms
80ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cdd297e5776f28ee5b5a48f5f839bfb108c0fc008e43829f8d0f0986f9632273

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QZSDBGthGkIxwKiU2E_pEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-QZSDBGthGkIxwKiU2E_pEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 04:15:59 GMT
expires: Sat, 01 Apr 2023 04:15:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 204ms
68ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sharemods.com
date: Sat, 01 Apr 2023 04:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 86ms
86ms XHR
application/json 52.18.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.27.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-27-55.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7b23133f4d9d68606733450bb00c45eb13617399642f930bedfa59557032f7e8

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sharemods.com
cache-control: no-cache
x-server: 10.45.31.11
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 frame86.php Show response
video.onnetwork.tv/ 28 KB
8 KB 102ms
100ms Fetch
text/html 5.135.105.236
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/frame86.php?id=ffONNPd33d02dde388211b9c5002fa293504fb16803225582231&iid=1680322557394&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODA0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDIsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwO0JSOzIwOzIwOzIwOzU2LDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252F2lwvzsfwm4dx%252Fxw30.zip.html&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1680322557394&rrpt=%7B%22origin%22%3A%5B%22direct%22%5D%2C%22ECT%22%3A%5B%224g%22%5D%2C%22hb_rf%22%3A%5B%220%22%5D%2C%22CxSegments%22%3Anull%7D

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1680164833

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.135.105.236 Viens, France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-o.of.pl

Software

XO.webservant /

Resource Hash

ecbf6d6656265f18d769dd41ba02f631a3be0a8a1fb446ce7ab0949bae8eaee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 01 Apr 2023 04:15:59 GMT
last-modified: Sat, 01 Apr 2023 04:15:59 GMT
server: XO.webservant
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://sharemods.com
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
access-control-allow-credentials: true
expires: Sat, 01 Apr 2023 04:16:00 GMT

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FB2 36 KB
14 KB 216ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 11:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 11:52:41 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 90ms
87ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 32462362c004d284e60836aa8021459c4b44ddb59138aa8b90171a09b683458e

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: ceeab4fbdcc72c2e42b553e960fd9503
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 176ms
82ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sharemods.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://sharemods.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 01 Apr 2023 04:15:59 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 934a65e37dabf782126dc7030d8216da

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&rid=esp&cc=1

85 B
203 B

186ms
185ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: acc10075f8a131d9d211392f34ae81cdaabe8f778ed9d1da3953d713584a20d2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-PQO1W9rAp2OnvR1vz3rJWzyU6LA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 01 Apr 2023 04:15:59 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://sharemods.com
location: /esp?url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 224ms
77ms Script
application/x-javascript 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: FdZQKnEndO3mqmnRp7XQ3uMfeJERmMlw
content-encoding: gzip
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
date: Sat, 01 Apr 2023 03:57:28 GMT
x-amz-cf-pop: FRA50-C1
age: 1116
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:96f94076-69de-4a4b-8bd0-6fb739c06860
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: e16bd58aa55fcc98af3b10870aad5974
last-modified: Thu, 19 Jan 2023 10:03:36 GMT
server: AmazonS3
etag: W/"0820c3a8da5dbe428619a7328c53b95f"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 3efbae2e7f7f574316dfc685479946d213531c0b483ab4a61e653a0088f0cae8
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-id: Quz4VB_QNATpo1p57eK6v8lLujNTRuXwlKk0G7MH0MP_qgLESqaB9Q==

GET
H2 200 player86.css
cdn.onnetwork.tv/css/ Frame FC67 45 KB
11 KB 75ms
75ms Stylesheet
text/css 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/css/player86.css?s=1679609152

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1680164833

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

20f72a687bab9acebcae8ab16c5916abf9c8e8aa1429173d48e697f4940214f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 23 Mar 2023 22:05:52 GMT
server: XO.webservantpro
etag: W/"641ccd40-b5d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Wed, 18 Oct 2023 04:15:59 GMT

GET
H2 200 roboto.css
cdn.onnetwork.tv/css/ Frame FC67 6 KB
998 B 76ms
76ms Stylesheet
text/css 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/css/roboto.css

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1680164833

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
server: XO.webservantpro
etag: W/"60dd8078-194c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Wed, 18 Oct 2023 04:15:59 GMT

GET
H2 200 player_utils.js Show response
cdn.onnetwork.tv/js/player86/ Frame FC67 11 KB
4 KB 76ms
75ms Script
application/javascript 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/player86/player_utils.js?s=1680109924

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

df15e63ad5ce4b1384a4625f4c6797a30e4d74dadd0ffc8346cb85d94d8e73bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 17:12:04 GMT
server: XO.webservantpro
etag: W/"64247164-2dee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Wed, 18 Oct 2023 04:15:59 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FC67 78 KB
29 KB 236ms
71ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9da2c699e261cfbe0274b650d76cf0d816de1b920fabd870ee57e6895cec02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28785
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 15:28:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sat, 01 Apr 2023 04:30:18 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FC67 361 KB
121 KB 314ms
149ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1da28e800518ff1302a3a67c4e4876910229c52554291a25b280dcd01d42ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123698
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:15:59 GMT

GET
H3 200 hls.min.js Show response
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/ Frame FC67 315 KB
92 KB 60ms
60ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3267741
x-jsd-version: 1.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230069-FRA, cache-jnb7021-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTciJq7LngcxS46DEZTP1M0Fzh4K6UxSOSDIRporLQDVRiqRSbAsfvZnRyoRXsKnPSp9EtTPXu4qPWBA6EALzZiPMLLF5dY3O8F9SVdYqJpEDVAwCW5xHX1vS5qdj7IglxfRtL16t8RyhMjHyps%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b0e039c7d41d922-HEL

GET
H2 200 player.js Show response
cdn.onnetwork.tv/js/player86/ Frame FC67 278 KB
75 KB 152ms
151ms Script
application/javascript 87.98.236.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/player86/player.js?s=1680109924

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),

Reverse DNS

vh11c.eris-w26.of.pl

Software

XO.webservantpro /

Resource Hash

016d997dca8fd88c17580000bbd62925b0925f0e888245acdf83a238fef8f15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sharemods.com/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 17:12:04 GMT
server: XO.webservantpro
etag: W/"64247164-45673"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Wed, 18 Oct 2023 04:15:59 GMT

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 76ms
75ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1680322559422&d=9784&wsc=00&typ=embed&mobile=0&c=44
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
last-modified: Saturday, 01-Apr-2023 04:15:59 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1224 0
0 105ms
105ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303270101&jk=2083826857379880&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CC81 1 KB
2 KB 239ms
71ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32305680&p=156191&s=607817&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=6&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c9c5ec4817f539b9a78ce1033f0a3bb2e7be2ca4efbaf5f4b8d27c05c66008d5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 01 Apr 2023 04:15:58 GMT
content-length: 1254
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6BCC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd03b15a44f07b09f3f42aa942f118b96358404524ed9de78d1a36e992dc5701

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 8139 2 KB
3 KB 247ms
65ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59752039;click=https://eu.sportradarserving.com/click/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%3D%3D_url%3D&lp_d2a97axd=

Requested by

Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

54ef3ff6a209964cf970979ff12878eb0f1d1a1a8cb29049bd6fa5836893c0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2201
expires: -1

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 8139
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6e918618-bf76-4108-a909-b5248e6954b4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

0
356 B

213ms
65ms

Image
text/plain

3.67.31.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6e918618-bf76-4108-a909-b5248e6954b4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Protocol: H2
Server: 3.67.31.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-31-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6e918618-bf76-4108-a909-b5248e6954b4&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date: Sat, 01 Apr 2023 04:15:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 8139 1 KB
2 KB 66ms
66ms Image
image/png 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:15:59 GMT
Cache-Control: max-age=86400
Last-Modified: Wed, 29 Mar 2023 12:23:42 GMT
Connection: keep-alive
ETag: 16800926221319
Content-Length: 1319
Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 41AD 2 KB
3 KB 300ms
125ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59752049;click=https://eu.sportradarserving.com/click/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%3D_url%3D&lp_d2a97axd=

Requested by

Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

257e82e113d318281d1afc2064e972811a73155e4ad6dd1513bb8ff75dc033d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2175
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 41AD
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
396 B

244ms
73ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 01 Apr 2023 04:15:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6e918618-bf76-4108-a909-b5248e6954b4&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 01 Apr 2023 04:15:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 41AD 1 KB
2 KB 69ms
69ms Image
image/png 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:15:59 GMT
Cache-Control: max-age=86400
Last-Modified: Wed, 29 Mar 2023 12:23:42 GMT
Connection: keep-alive
ETag: 16800926221319
Content-Length: 1319
Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 0982 2 KB
3 KB 227ms
64ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59752049;click=https://eu.sportradarserving.com/click/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%3D_url%3D&lp_d2a97axd=

Requested by

Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

c79dc0e8997251328e5a193eeb716c6eebc4e6e3a19f70e5f35c49fa3c94adc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2199
expires: -1

GET
H2

200

sync
partners.tremorhub.com/ Frame 0982
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=72df54e3-2916-4a34-a385-03f4c82e8604
https://partners.tremorhub.com/sync?UIBS=6e918618-bf76-4108-a909-b5248e6954b4

43 B
183 B

501ms
157ms

Image
image/gif

2600:1f18:612b:4232:cba0:4e0e:1b37:264e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIBS=6e918618-bf76-4108-a909-b5248e6954b4
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Protocol: H2
Server: 2600:1f18:612b:4232:cba0:4e0e:1b37:264e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 01 Apr 2023 04:16:00 GMT
server: Apache-Coyote/1.1
content-type: image/gif

Redirect headers

location: //partners.tremorhub.com/sync?UIBS=6e918618-bf76-4108-a909-b5248e6954b4
date: Sat, 01 Apr 2023 04:15:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 0982 1 KB
2 KB 66ms
65ms Image
image/png 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:15:59 GMT
Cache-Control: max-age=86400
Last-Modified: Wed, 29 Mar 2023 12:23:42 GMT
Connection: keep-alive
ETag: 16800926221319
Content-Length: 1319
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7B3F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 427d2469e4fd39502812866a770914f6e9cf3090d93e84090d4908f58e83ee2d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5287 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f5957d35a76f94ce9874e4cf3c446b1499b158a5dc064f72a13de4a074f4ae8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DBAE
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5684008495220697895

42 B
274 B

219ms
71ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5684008495220697895
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:15:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5684008495220697895
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D01A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1176427-b000-4900-a10a-105e5bbd44f6&gdpr=0&gdpr_consent=

42 B
342 B

78ms
77ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1176427-b000-4900-a10a-105e5bbd44f6&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:15:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 01 Apr 2023 04:15:59 GMT
Expires: Sat, 01 Apr 2023 04:15:58 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 711 dd187f8 master zrh-pixel-x31 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1176427-b000-4900-a10a-105e5bbd44f6&gdpr=0&gdpr_consent=

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CC81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Q4MkZGMEItRTQ3Ni00QzkxLThBMTgtM0YwQUZERUNBM0JG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

157ms
71ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:15:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CC81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECGWpk2gQdgfb-4li73Vveo&google_cver=1

42 B
525 B

156ms
70ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECGWpk2gQdgfb-4li73Vveo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:15:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECGWpk2gQdgfb-4li73Vveo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CC81 43 B
609 B 265ms
83ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 31 Mar 2023 04:15:59 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CC81
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5053906582621647486

42 B
298 B

74ms
72ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5053906582621647486
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:16:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5053906582621647486
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8FB2 0
10 B 71ms
71ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LnPI8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0982 34 KB
16 KB 289ms
128ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59752049;click=https://eu.sportradarserving.com/click/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%3D_url%3D&lp_d2a97axd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:46:59 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 8139 34 KB
16 KB 314ms
153ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59752039;click=https://eu.sportradarserving.com/click/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%3D%3D_url%3D&lp_d2a97axd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:46:59 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 33B6 0
176 B 191ms
84ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 01 Apr 2023 04:15:59 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 41AD 34 KB
16 KB 279ms
179ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59752049;click=https://eu.sportradarserving.com/click/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%3D_url%3D&lp_d2a97axd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:46:59 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame FC67 49 KB
20 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.js?s=1680109924

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 04:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 01 Apr 2023 06:05:12 GMT

GET
H2 200 bridge3.566.2_lt.html Show response
imasdk.googleapis.com/js/core/ Frame 069D 711 KB
226 KB 78ms
77ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.566.2_lt.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dce3f3efa10a5029a5d3d94edc4146ffa17bdc14bbc706bc6bbdd6dcba3c7fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 371444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231304
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 21:05:15 GMT
expires: Tue, 26 Mar 2024 21:05:15 GMT
last-modified: Mon, 27 Mar 2023 20:51:45 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FC67 44 KB
16 KB 94ms
79ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Apr 2023 04:16:00 GMT

GET
H2 200 570804_5.jpg
cdnt.onnetwork.tv/poster/5/7/ Frame FC67 41 KB
41 KB 152ms
152ms Image
image/jpeg 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/570804_5.jpg

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

98aa28c27ee6247372e211b32468d43ef0bfb19504ef9c9120756dd7d3f5c5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Feb 2022 09:22:50 GMT
server: XO.webservantpro
etag: "6200e4ea-a248"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 41544
expires: Wed, 18 Oct 2023 04:15:59 GMT

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 227ms
226ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1680322559958&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
last-modified: Saturday, 01-Apr-2023 04:15:59 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 227ms
226ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1680322559958&d=9784&wsc=ar&typ=embed&mobile=0&c=45
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
last-modified: Saturday, 01-Apr-2023 04:15:59 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntm.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 227ms
227ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1680322559959&i=570804&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:15:59 GMT
last-modified: Saturday, 01-Apr-2023 04:15:59 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 206 black2.mp4
cdn.onnetwork.tv/img/ Frame FC67 2 KB
2 KB 222ms
222ms Media
video/mp4 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/img/black2.mp4

Requested by

Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sharemods.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

pragma: public
date: Sat, 01 Apr 2023 04:15:59 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 15 Nov 2022 12:58:10 GMT
server: XO.webservantpro
etag: "63738ce2-8be"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-2237/2238
cache-control: max-age=17280000, public
Content-Length: 2238
expires: Wed, 18 Oct 2023 04:15:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame FC67 3 B
23 B 78ms
78ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=702409919&t=pageview&_s=1&dl=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&dp=%2Fsharemods_com%2F9784&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=1140x641&je=0&_u=AACAAAABAAAAACAAsD~&jid=1309743514&gjid=1082284878&cid=787666057.1680322558&tid=UA-135296857-4&_gid=372308589.1680322558&_r=1&_slc=1&z=883940833

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame FC67 4 B
24 B 78ms
78ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=702409919&t=pageview&_s=1&dl=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&dp=%2Far%2Fsharemods_com&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=1140x641&je=0&_u=ACCAAEABAAAAACAAsD~&jid=945059795&gjid=1932381466&cid=787666057.1680322558&tid=UA-135221353-1&_gid=372308589.1680322558&_r=1&_slc=1&z=2112091088

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FC67 56 KB
56 KB 72ms
71ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/css/roboto.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.onnetwork.tv/
Origin: https://sharemods.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:32 GMT
x-content-type-options: nosniff
age: 323068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57116
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:32 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0982 10 KB
4 KB 66ms
65ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59752049;click=https://eu.sportradarserving.com/click/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%3D_url%3D&lp_d2a97axd=;js=1;adfxid=1x;8805;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fsharemods.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

aafbf96070bb2b725210130adc58aefcbf4449165b24154975d2f5ab3bfa4fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3779
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 8139 8 KB
4 KB 65ms
65ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59752039;click=https://eu.sportradarserving.com/click/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%3D%3D_url%3D&lp_d2a97axd=;js=1;adfxid=2x;5918;set=en-US|en-US|1600X1200|0|950|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fsharemods.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

c6fe8a139e17a9d1dd0e0991793852891da0a912a87cf78f23186e2edfd4b0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3742
expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame FC67 1 B
67 B 76ms
75ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135221353-1&cid=787666057.1680322558&jid=945059795&gjid=1932381466&_gid=372308589.1680322558&_u=ACCAAEABAAAAACAAsD~&z=1797506368

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sharemods.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Apr 2023 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6BCC 0
0 109ms
108ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupPMRLLNVfRrd6Bu7MrdDSqVMU_lkfdxojdIqcjmqO-diZlc_Ox_JVhvXK0x-iLs4oTAg-zfrW6L6bWxyK9y9Fi0SO4qaDL0xSx4VBNu9TA3pi_E4USi2kGmHHsFv5bni43eSxQvk7YGCZ-l5arIDxS_Ax6YDA2smEQbZCoDvTd1InGFbyF7Lvkq6wN91EPWrPs4Df7Wi_pM5UcLljNbULnb0doV9u7FzuxCdkeL-Iw1SF2I6SW87a8iq3-PNpk6v-zkVJuJ2rj9uFsf0TM-UzrlFPVqm8dUMZvdrUDYa9mXx5rndilDPf8gnVYhXlW_nYGASwesQunR-Ljf9C4NY&sai=AMfl-YSYLN1wesCitZQSrte2yuPhrJvdDmvwdWE7VMCdBLDCJJWV5v9mfuZ09lzpXhFVPGTZG24ROOGKp2uzG-4BPKMfQZj1emyp-zxgXEQekRJKD2YerjxclfTIgp6tZFdmzmH38h3-G05s_v7pmCY&sig=Cg0ArKJSzOndzxebFeWIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:16:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B3F 0
0 114ms
113ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyMBrHz73fxxjShZQkQk1fHPXKbACo8yEK-x-inhsafBirGi54uZfDcFJymkB03Io0-PlnY4lm4Ne5e7uDzx6rO4zpPMmBJD6EAuNZrn-hHTLueTmocQAHlKCLyxG5U1tNcc4Vc7Uz_W4N88JJANXlduhIoXEsPjEsnTMb5PLGmn-F5yeLDI1cHWNJI8257cjQXxlOU5RvlWYERpQOTFShgq3cKdChUO_Tecfda8jA6AI_MWRoGa0hiauz4COGpS-7KcBnMYUajewusL41vMMlOHCIwNjb1IR8Dvqx7RqD55p38lUuGDZE1OrcrAGTAfZf0whT586avC9KE2HU_LA&sai=AMfl-YTg-t2MSdElQa6jzV_0PVQbKk51lNe8_VEocUah0dgKiGH9Vr-k-GE6LBZe_-_kLesPsQ8_ocsZhTzy7kKvj5HM_dxNUiYCl2ln9HdHKP7TW6hjncfpkT_ma7_WHDtNchx251Gw99uy6pxYU0M&sig=Cg0ArKJSzBLcJesg1V7DEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:16:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5287 0
0 140ms
140ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaeEoGZKliA6fBpr7mavw_j1I5ixwFwWcPXJ9k5Q4R9ShZ0gtNmhkHZVNTfHPdp5rJ4SvlVhgSM707TDNVNozPocX_S04tYL0bv365hjWGW8ps-9t5RDpJY76Q_lFMHIwA_dZSVcsRQVJHeriL9Z_owJxlafbVHx-0-w5dP-3dILvCO7N8pPTWxxpq-o6t0UxZXdD3zgCEzFhJYHO_A-1YKtshx1neSCiB9c21McBy-mTu-ZEtLPyN7h_s_Zy4VL8X2Ftp4xEQAt0IanrRgd2gWUjyAifabqBrhplVSY0p_43gSrHbq1ocWOYmBSpGfaA_Eejt2UkiK_jo4KNS&sai=AMfl-YR1D4xsJ0Hm0MM6eB2Y_KfDxDcrSLAoDYvkhxEoN5G-OQUi-a2EboSXsWgfE2kP_I0Vg0CVgRiYSWPnENBIKklggDyYDe616J-h8v-BdmSPyfFtdxk1bSk8ducalkf1indCOUy_OR9WyYwYgUE&sig=Cg0ArKJSzDT4aimQYi8uEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Apr 2023 04:16:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 41AD 10 KB
4 KB 66ms
66ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59752049;click=https://eu.sportradarserving.com/click/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs//?click3rd=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%3D_url%3D&lp_d2a97axd=;js=1;adfxid=3x;962;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fsharemods.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

6fd34d0d8319b10b5091fe5deae678ef7a153b7392ac19cbed43a05244ab322a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3753
expires: -1

GET
H2 200 62b9cc54619a970bb751acde Show response
c.bannerflow.net/a/ Frame 0982 69 KB
23 KB 185ms
91ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/62b9cc54619a970bb751acde?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FhtrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3DcCkki2fLKCJHTufjV4ouOXiW863IgQI8UhH364UsEyj_HoBR5XH0K_S7Hx7UkPzkMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM6ZKlkyyjeZVHJ851unkp0VPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d634380c0ecad3bef7b74f385f0f030f3049bb53dd8ed5cb872b7edd57b70e8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 04:16:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7b0e03a21a90d963-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

POST
H2 200 /
track.adform.net/csimpr/ Frame 0982 35 B
598 B 64ms
64ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59752049&csi=Og1EkRGfMa7_HoBR5XH0K4R3m2e-UWRysqm4ziorf7kJDwKV3Zer3OYzOlvE35ThHK50-nyeyubQlLLj5QsPxt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://eu.sportradarserving.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R3...
eu.sportradarserving.com/mimp/ Frame 0982 43 B
220 B 66ms
66ms Image
image/gif 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/mimp/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:16:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 570804_5.jpg
cdnt.onnetwork.tv/poster/5/7/ Frame FC67 41 KB
41 KB 75ms
75ms Image
image/jpeg 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/570804_5.jpg

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.js?s=1680109924

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.32.200.56 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w17.of.pl

Software

XO.webservantpro /

Resource Hash

98aa28c27ee6247372e211b32468d43ef0bfb19504ef9c9120756dd7d3f5c5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Feb 2022 09:22:50 GMT
server: XO.webservantpro
etag: "6200e4ea-a248"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 41544
expires: Wed, 18 Oct 2023 04:16:00 GMT

GET
H/1.1 200
OK 5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTw...
eu.sportradarserving.com/mimp/ Frame 8139 43 B
220 B 66ms
66ms Image
image/gif 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/mimp/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:16:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
107ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303270101&jk=2083826857379880&bg=!ubqluu7NAAbEgrg45II7ADkAdvg8Wtx_6GVWViAdaVlV_gN4T5AIaiQYXHynFkkPTPYVEkSUIldTQNtq15qfZJL0leGzVspQ8p0CAAAAslIAAAADaAEHCgDhY84YxH6ngxhwIQqayzwkvh6tJl6bItUdzlbQZJVg1nEXpt15pN2_rDSlBTAPj7WxiSVH4i5GD8cpM2VnJ2erwWuTupNbOsMG71o1grWlyVH7YwYR-DyNw4UTZ_xwZj2m9uX-mPgKoHtBuF4Av0-VIYDwn4_yfgnZvNDRY6Ej3j5acQiO2wNwWC6FjQ9zYy7GT0Htn4BDdYFCj84zY28k6jxyr647mvwZybSSW8VoDabeHhaJUjDFozaPyoYzow3Kp5ybIT0vg0H9tCiZymMWQeWzSj9MfiK-wklyLXBUnBPJmQKZZXb7akIlcAxqLFJ5poV6LZZt5tWYTlqjvuBlPVD9HE1uFeyCpZEmECiPGypPVBIIqwIIuL779gwc0iK6dvIMQcppMKp_BDJwZealY8-PmH3DITxPisWMvjRu_H0v7E0gvvy3BjH7U1Ay9baB5b_vCYRogqPnQa40GnnDLiibVCSp-2t2QOeNch5zSoBvrZBamfrk5HKshgwtAj_51gI5zaIdDHhIbRj6gZEZXuQB7JIo6pI2Wqqz-vthReXwOx96rSteddg7RrlyLLFsA7dSB_T7_lZiZPNIQ6b-rR-NeoXdBk7mafIjdQONA9kNoGgNptZQk_cQyHzHE5i0q4kBXeDq0IdK8D6FO1tgYy7E5Rc9SLgtNtzuCLKElpWDsrNdk9nZOOEWVhHsJK2mSD0zoamp7MjULcr4FAay-69YiDlpFoY1jpc10U5qbycdwuzFgNnjtRIvmOu49osdMfxV96dqT3lCZSsWCC9xWzz8oS-0UN1pqZ8_l6UYI7DcYtLVceFGftooM4V-FYpAFIgq3MIbqoQMvVNqOKugWUoNZ4c91BlAp_k8HYECG2bFYqBxBlV04VLn1uq6fsoWApR-MCfcMWwgRiINZ9Na4qT9lu8edNeiC97Hh6NhrbtBkzOFUEWK826d7c7rhSzQiVEqmgXaqWpJsP5N3AVO167ydZtnHDaG26_Z5UE6JJz8pXnYNw5YuKbWrSlFy5FOiMx0XaiKFn4qdiKuu3x1R1S2IGLtJZrDf7bWdEt0lwQ2T7_j-SnokyS201d5sgyWZRA38auvAXlVnh7RUFMCB_aVyjcDW6kSaA9afx9q-AjtxqP7z-qR-xj9uvA5dy0JjCB4Sa3EhzptxQ-PxjZIO-cLd53G61IqgrruOAw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 8139 90 KB
39 KB 82ms
82ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:40:40 GMT

GET
H2 200 6347f1a8e5b6d2e1bc09ea3f Show response
c.bannerflow.net/a/ Frame 41AD 69 KB
23 KB 97ms
96ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6347f1a8e5b6d2e1bc09ea3f?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FrUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3Dnmw6ZbJ52fRHTufjV4ouOX6vIVhH1Idl7Vv0ofFcGypNt4ps-lNCTW1hgOLRJjmGMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM3m28V01wm7h3DUuvNrO3cFPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 825d66786fe05b260559198916dfa1c4eb211f8d12fc4a00f962bb1a1ef04c72

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 04:16:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7b0e03a21a97d963-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

POST
H2 200 /
track.adform.net/csimpr/ Frame 41AD 35 B
598 B 65ms
64ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59752049&csi=a5LbN_-EnUJNt4ps-lNCTWnya6zR6T1esqm4ziorf7kJDwKV3Zer3OYzOlvE35Th5T-FBjxvSVT-JF9dJ2d2J96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://eu.sportradarserving.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwA...
eu.sportradarserving.com/mimp/ Frame 41AD 43 B
220 B 66ms
66ms Image
image/gif 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/mimp/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:16:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 41AD 34 KB
15 KB 87ms
87ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d76b2cfa829493369c8998a7188d559c5fdf7a04d1420f846db44da566e85e09

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:58:57 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 0982 34 KB
15 KB 102ms
102ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d76b2cfa829493369c8998a7188d559c5fdf7a04d1420f846db44da566e85e09

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:58:57 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 8139 35 B
598 B 64ms
64ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59752039&csi=tSJ89T5pdu_gzjhcR1WuhcuP_Qsgq2QXat986mOONTMJDwKV3Zer3OYzOlvE35ThzAx5s6fAaJlybmhpn2F6Et6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://eu.sportradarserving.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 11970823.js Show response
s1.adform.net/Banners/Elements/Files/36063/11970823/ Frame 94E3 2 KB
1 KB 65ms
65ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/36063/11970823/11970823.js?ADFassetID=11970823&bv=257
Requested by: Host: sharemods.com
URL: https://sharemods.com/2lwvzsfwm4dx/xw30.zip.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 78ecff424e1454093c5ae95d69d65daa6a558fc90c8c67ae12e0f0947fd8daa1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 10:57:35 GMT
server: nginx
x-amz-request-id: tx000003d67af75cec2dc64-00641541ff-329530c7-default
etag: W/"3a59749a655f964b115d097f0d8144c9"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/3758227/4927918/ Frame 0982 23 KB
23 KB 49ms
49ms Image
image/jpeg 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/3758227/4927918/preload.jpg
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29459501fa632bafc27ac66fb80d10c7275aca6ca01634365a620e19962f2ee0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:00 GMT
cf-cache-status: HIT
age: 1840659
content-length: 23071
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 10 Mar 2023 20:58:07 GMT
server: cloudflare
etag: "0x8DB21AA268F2E72"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 742530a0-801e-0088-1e93-53082f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7b0e03a31cb5d963-HEL

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/4072106/5151813/ Frame 41AD 20 KB
20 KB 52ms
51ms Image
image/jpeg 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/4072106/5151813/preload.jpg
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dcb7dd04ba2c95d3763a52d6349263f3aa3f11f8a36866adc4e59fd65d68f43

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:00 GMT
cf-cache-status: HIT
age: 840807
content-length: 20803
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 22 Mar 2023 10:42:17 GMT
server: cloudflare
etag: "0x8DB2AC21B66F174"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 0337e471-001e-0000-66ab-5ced26000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7b0e03a31cc3d963-HEL

GET
H2

200

Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 94E3
Redirect Chain

https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js

30 KB
14 KB

71ms
71ms

Script
application/javascript

37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Protocol: H2
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000496f57c7341b8671-0063766147-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date: Sat, 01 Apr 2023 04:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 0982 0
81 B 82ms
82ms Ping
text/plain 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62b9cc54619a970bb751acde?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FhtrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3DcCkki2fLKCJHTufjV4ouOXiW863IgQI8UhH364UsEyj_HoBR5XH0K_S7Hx7UkPzkMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM6ZKlkyyjeZVHJ851unkp0VPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b0e03a36d5bd963-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 41AD 0
33 B 78ms
78ms Ping
text/plain 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6347f1a8e5b6d2e1bc09ea3f?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FrUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3Dnmw6ZbJ52fRHTufjV4ouOX6vIVhH1Idl7Vv0ofFcGypNt4ps-lNCTW1hgOLRJjmGMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM3m28V01wm7h3DUuvNrO3cFPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b0e03a37d82d963-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 6368e263f43c9e3196961321 Show response
c.bannerflow.net/a/ Frame 94E3 69 KB
23 KB 118ms
117ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6368e263f43c9e3196961321?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2F5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%253D%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752039%3Badfibeg%3D0%3Bcdata%3DDkw0cr-VGnZHTufjV4ouOdEWKpE3KDU37Vv0ofFcGyrgzjhcR1WuhX_42gY-jBDwuvqh1Oj3VO3oRzJvXlCNRwvebUF-Eo1FC7by61Ail0ET9O6wFjAmS-2L6uH-qP_eKMzsZpXYO7DE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D&domain=https%3a%2f%2feu.sportradarserving.com%2f&targetwindow=_blank
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a047966d3c0ed05f72265927a8da060dd7ea679891268ce64ddb3c537bdc3e9e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 04:16:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7b0e03a46fa3d963-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H2 200 widget.e41a0c4132970d505cc8.js Show response
c.bannerflow.net/scripts/ Frame 94E3 20 KB
8 KB 52ms
51ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6368e263f43c9e3196961321?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2F5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%253D%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752039%3Badfibeg%3D0%3Bcdata%3DDkw0cr-VGnZHTufjV4ouOdEWKpE3KDU37Vv0ofFcGyrgzjhcR1WuhX_42gY-jBDwuvqh1Oj3VO3oRzJvXlCNRwvebUF-Eo1FC7by61Ail0ET9O6wFjAmS-2L6uH-qP_eKMzsZpXYO7DE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D&domain=https%3a%2f%2feu.sportradarserving.com%2f&targetwindow=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: nZPaCeepSHMZbbh+xShfnA==
age: 2127860
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4FEC22F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 34431595-801e-001e-21ec-5001fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a569d4d963-HEL

GET
H2 200 document.00000003A5FCF4.js Show response
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/4072123/5151813/ Frame 94E3 31 KB
8 KB 53ms
52ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/4072123/5151813/document.00000003A5FCF4.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6368e263f43c9e3196961321?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2F5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%253D%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752039%3Badfibeg%3D0%3Bcdata%3DDkw0cr-VGnZHTufjV4ouOdEWKpE3KDU37Vv0ofFcGyrgzjhcR1WuhX_42gY-jBDwuvqh1Oj3VO3oRzJvXlCNRwvebUF-Eo1FC7by61Ail0ET9O6wFjAmS-2L6uH-qP_eKMzsZpXYO7DE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D&domain=https%3a%2f%2feu.sportradarserving.com%2f&targetwindow=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a6a2975a447b91f04a8417a85ccace2f1ff9c93703f92df1800979cb7a4830

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: +XpbXRwq5bkq/xo2BjK5cQ==
age: 840801
cf-polished: origSize=34297
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 10:42:21 GMT
server: cloudflare
etag: W/"0x8DB2AC21E0C8440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6af7e216-b01e-0048-13ab-5cf011000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a569d5d963-HEL

GET
H2 200 animated-creative.c2655198c23d97618c7a.js Show response
c.bannerflow.net/scripts/ Frame 94E3 156 KB
53 KB 57ms
56ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.c2655198c23d97618c7a.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6368e263f43c9e3196961321?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2F5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%253D%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752039%3Badfibeg%3D0%3Bcdata%3DDkw0cr-VGnZHTufjV4ouOdEWKpE3KDU37Vv0ofFcGyrgzjhcR1WuhX_42gY-jBDwuvqh1Oj3VO3oRzJvXlCNRwvebUF-Eo1FC7by61Ail0ET9O6wFjAmS-2L6uH-qP_eKMzsZpXYO7DE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D&domain=https%3a%2f%2feu.sportradarserving.com%2f&targetwindow=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff137bded249186aa62ccd3ff67d53e4c98492138f3ffc871323adc0ecc514d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:00 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: IpDGBro1F7zbcCkcovzbgQ==
age: 802247
cf-polished: origSize=159325
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 14:02:16 GMT
server: cloudflare
etag: W/"0x8DB294BB696F23E"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5a9134c7-201e-005a-8037-5b8bc1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a569d9d963-HEL

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 75ms
75ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1680322560927&d=9784&wsc=ar&typ=embed&mobile=0&c=23
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:00 GMT
last-modified: Saturday, 01-Apr-2023 04:16:00 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
DATA 200
OK truncated
/ Frame 94E3 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 0e2f516a-c3d7-49d8-b4b1-e361dd0cc590 Show response
https://eu.sportradarserving.com/ Frame 98C0 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eu.sportradarserving.com/0e2f516a-c3d7-49d8-b4b1-e361dd0cc590
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.c2655198c23d97618c7a.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 94E3 5 KB
5 KB 189ms
103ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2F37fb733d-aa7d-4607-844f-5abf0fdbce9f.woff&t=%20%26%2B-.%2F012458ACGMPRTZabcdeghilmnoprstuy%E2%80%AF
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ad2128b1deb43013eed402a95a4f89c2e62822fbde21e1e073807678a048f4

Request headers

Referer: https://eu.sportradarserving.com/
Origin: https://eu.sportradarserving.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 11:56:21 GMT
server: cloudflare
age: 19071093
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=37fb733d-aa7d-4607-844f-5abf0fdbce9f-subset.woff
cf-ray: 7b0e03a78bd23769-HEL
expires: Wed, 28 Jun 2023 11:56:21 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B3F 42 B
174 B 109ms
106ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWNbaJD4k39OVZkawnmz1xsaDTKiSMWrkwYvsht1fXunXn_abyMbfnPQRHxD4z5HvklKdYjLQx8Twwm6W4lI7bSRqc0oBoB3oANGw3nuPqEBm9knXb&sig=Cg0ArKJSzBWmULeREVV7EAE&id=lidar2&mcvt=1000&p=1039,650,1289,950&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230329&bin=7&avms=nio&bs=1600,1200&mc=0.64&vu=1&app=0&itpl=19&adk=1413971331&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680322559155&rpt=1067&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5287 42 B
108 B 108ms
107ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2Jr0JrA-xOk6vrtV0BWc4AWd32xzF8CVLhoyGPJmB7Nuk86wbjH5RNvfMBTlL8YbrEZ_MQEjaWEkGf0z9qLlGDah93g2a0QhDakcqJxhJnCGzXOj6&sig=Cg0ArKJSzJ3DY2p-JjFXEAE&id=lidar2&mcvt=1008&p=339,315,429,1285&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230329&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3771485005&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680322559141&rpt=1084&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BCC 42 B
108 B 108ms
107ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQgIWy46cHC-pPUTHUdKmNzLqMMO70G5Xur4BhWIhY6GZk3ToQO9cxHMLqvkOGesyxZ0M-jNBS9966-cwdAl_NG46sOkniDPwknrQAVqUCuPIxqDKg&sig=Cg0ArKJSzHP4rDLoLUrrEAE&id=lidar2&mcvt=1014&p=707,650,957,950&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230329&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=605329121&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680322559124&rpt=1092&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R3...
eu.sportradarserving.com/vimp/ Frame 0982 43 B
220 B 67ms
66ms Image
image/gif 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/vimp/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:16:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 94E3 3 KB
3 KB 49ms
48ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2Fb24e7088-cf54-4526-b50b-8ce7ca7ce99c.woff&t=%20%27ABCEGIKLNORSTUVYZ
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b528567148a28f79ebc9f92eee7973be173857c6329020a007a8983c06c30fc

Request headers

Referer: https://eu.sportradarserving.com/
Origin: https://eu.sportradarserving.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:42:27 GMT
server: cloudflare
age: 840814
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=b24e7088-cf54-4526-b50b-8ce7ca7ce99c-subset.woff
cf-ray: 7b0e03a84cdb3769-HEL
expires: Thu, 21 Mar 2024 10:42:27 GMT

GET
H/1.1 200
OK 5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTw...
eu.sportradarserving.com/vimp/ Frame 8139 43 B
220 B 70ms
67ms Image
image/gif 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/vimp/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA==_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:16:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 4e938504-8b44-4daa-aa8e-e3817339b911.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame 64FF 3 KB
1 KB 54ms
53ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/4e938504-8b44-4daa-aa8e-e3817339b911.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e907b3ec059aab3da287d45e3829f8a8b5ac487dc064d2d0496f711c6dadee08

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: o9nL9WWWtXI6Eqjv1Taayg==
age: 6133
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jun 2022 10:22:18 GMT
server: cloudflare
etag: W/"0x8DA4938C401201C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d378a69e-701e-0035-4240-268132000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03a8d81fd963-HEL

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 64FF 8 KB
8 KB 52ms
52ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2Fdbc7f4b4-3c70-488d-859e-fd296418e137.png&w=102&h=102&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ab33562ad429a3c309b81313bbdebc4b4ff7c769b43b328c16965da50ef28b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 17:56:28 GMT
api-supported-versions: 2.0
server: cloudflare
age: 37127
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03a8d824d963-HEL
content-length: 7944
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 64FF 13 KB
13 KB 56ms
56ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2Fb1c36cf6-4aa2-4d98-89ee-5aad3c39bf12.png&w=122&h=193&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6939b3c7a94b19614b70cb0ce5811461804e0f96389441ca8d35b01983abb58

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 17:56:28 GMT
api-supported-versions: 2.0
server: cloudflare
age: 37127
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03a8d826d963-HEL
content-length: 13466
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 e8d179b9-ab54-452d-9dde-52118c1236a1.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame 64FF 2 KB
1 KB 55ms
55ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/e8d179b9-ab54-452d-9dde-52118c1236a1.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52592c8e3fa87fa00e7ad943311a53b2150c0ced47b3eface98148aa530fa6e0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: pmsjXD/cCOwQRCjPSnAOyA==
age: 5121
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jun 2022 10:17:55 GMT
server: cloudflare
etag: W/"0x8DA493827989C48"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bde57602-401e-005c-2633-26b87e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03a8e82dd963-HEL

GET
H2 200 995a8f930d924c778c584a8fc101a3ea.png
c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/ Frame C22D 1 KB
1 KB 53ms
52ms Image
image/png 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
content-md5: sBg/GuNpWi7mr15cMmphoQ==
age: 6109
content-length: 1126
x-ms-lease-status: unlocked
last-modified: Mon, 15 Jun 2020 08:14:13 GMT
server: cloudflare
etag: 0x8D811041715F955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8a73e034-201e-0091-7d4c-848894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0e03a91866d963-HEL

GET
H/1.1 200
OK rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwA...
eu.sportradarserving.com/vimp/ Frame 41AD 43 B
220 B 66ms
66ms Image
image/gif 3.124.62.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/vimp/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.62.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-62-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:16:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 94E3 0
92 B 100ms
100ms Ping
text/plain 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6368e263f43c9e3196961321?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2F5aHFf0OzqKA6DWPzDWSimWvq2gQSRDQTvGHsM6EBT1y-aq8Xt2w52YBsPMLYxhQdaqltH7G3XMzgnwYaGSzGwwZU21omurskke-buMNXkBCooqM29XuESuHo-wZUTV4s3VzXNMJ1VOb2VoOnQ4YGUOVKuuXbwcKYSaBR3ynfOWG1uBlXV3XaN0eO7oBMYM4qPYqTwJ3BfopL5LnbCMAQlnu575dhpkKhgcsRTth-exNmV5Ul_z-rNhDHjpZkCIrqvNUGYrICGTV3ToAzUvSQ9fckJXrP_gG9DABQDgjymSHAgJV1QT_OzZYOquLCdJ5z77577fkEnICKSetCGbf6jYJt6YcW6vELuMd0PYYGckI_G1t1yhGlsIbPEFTrZu5CDIXvsvQ_M1658aZx-ZSozLLmeB9qImx-Am6rVkvfD9nIpIldVW6aXygJJ5_ejpxHowXRC0cUjbH2cTH42orlZm-R4F2igBso5N3ltiax3fLPuzHa7oQb6xOnyHInzJYTv4Yy-0Ua2meK68P9LSArLJPw5g3WaS8ATGOPkWDuTEnfv1sA3XAmQ4HZYaG5pUrucQKP_cS2KFXcDFgbq-39I93rP4yvdQYtGbqREtse1Jm0IP5trbllaSIa-_CKLfzio5l5zFKGde6mTus4ay5H8iZGfASKeRM2-qQvj4KdZtDb3R2iV_99guS-BcsJz3diuxv9zpIXfncNeX-zdkRtuk5ZPCGB0SKOZIBjQBYQeO6UKEdRs0qw7uUIj89aF8Gc3c7m6tKcRu7UJvV0CbroBeWxX8T4zk4oEwFxWBcP1NLodGqDivVg0dThiGTYCafb74XuSLoKBQdv4KD7ovvz6pnI0vj1kDlEhAXeaA8OXXRhcoyV1-qacUXB25V0Gi0E0GGgZlld05kv9Ak2NqZs2NEXDhqZXYEOHF7cglnxhGJi_Tx88RQj7hVAIUTylBLqBJ7l5PAjQIwxHIIKSAILvw7-sObQnQ9491GygUDmAMm2SyqPWGm6fU7qo9jupUaZ0Tb1vql098tqc0qhMiUn64JM1Sy1LAjIBmHoaroclWxwPLMA9qNNSKiOTE1TqMIrev4d87sNHqrtv4Uyumso2tZeTx4Ki-l0-7krkhlWHZ_KZi2Sh9J-zfCI493U6JC0yE2natqvHVFlJr57aopKCbw5MOKx-26gqP8KQKaVYp39oddoEbnegP60%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NTMwJmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzMxMjMwNjMwODIzNTU5NTAwNCZhZFNlcnZlcklkPTI0MyZpbXBpZD00Njc0RTIyOC1CQkM1LTQ4MjEtQUNFRC1GQjc2OEVBMTJENzYmcGFzc2JhY2s9MA%253D%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752039%3Badfibeg%3D0%3Bcdata%3DDkw0cr-VGnZHTufjV4ouOdEWKpE3KDU37Vv0ofFcGyrgzjhcR1WuhX_42gY-jBDwuvqh1Oj3VO3oRzJvXlCNRwvebUF-Eo1FC7by61Ail0ET9O6wFjAmS-2L6uH-qP_eKMzsZpXYO7DE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D&domain=https%3a%2f%2feu.sportradarserving.com%2f&targetwindow=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b0e03a948c3d963-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 widget.e41a0c4132970d505cc8.js Show response
c.bannerflow.net/scripts/ Frame 0982 20 KB
8 KB 53ms
52ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62b9cc54619a970bb751acde?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FhtrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3DcCkki2fLKCJHTufjV4ouOXiW863IgQI8UhH364UsEyj_HoBR5XH0K_S7Hx7UkPzkMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM6ZKlkyyjeZVHJ851unkp0VPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: nZPaCeepSHMZbbh+xShfnA==
age: 2127861
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4FEC22F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 34431595-801e-001e-21ec-5001fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a96904d963-HEL

GET
H2 200 document.00000023CB851D.js Show response
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/3758227/4927918/ Frame 0982 161 KB
35 KB 87ms
87ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/3758227/4927918/document.00000023CB851D.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62b9cc54619a970bb751acde?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FhtrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3DcCkki2fLKCJHTufjV4ouOXiW863IgQI8UhH364UsEyj_HoBR5XH0K_S7Hx7UkPzkMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM6ZKlkyyjeZVHJ851unkp0VPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d857fbeb138f0667baef8eda750d1afb7186b6661c287f65a0b59c26acc1c056

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: ogqPdU788v+OUvbq1CzeFg==
age: 1840659
cf-polished: origSize=168498
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Fri, 10 Mar 2023 20:58:09 GMT
server: cloudflare
etag: W/"0x8DB21AA277005B8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 733412d2-e01e-008e-7d93-533b90000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a9690ad963-HEL

GET
H2 200 animated-creative.0d17da23618f24b974cb.js Show response
c.bannerflow.net/scripts/ Frame 0982 156 KB
53 KB 81ms
81ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62b9cc54619a970bb751acde?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FhtrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3DcCkki2fLKCJHTufjV4ouOXiW863IgQI8UhH364UsEyj_HoBR5XH0K_S7Hx7UkPzkMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM6ZKlkyyjeZVHJ851unkp0VPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Gq90Z8yQaZwoZjD0SNt4Ow==
age: 2129228
cf-polished: origSize=159436
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4EBD802"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 357e760e-f01e-003b-63eb-50a882000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a9690fd963-HEL

GET
H2 200 widget.e41a0c4132970d505cc8.js Show response
c.bannerflow.net/scripts/ Frame 41AD 20 KB
7 KB 85ms
85ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6347f1a8e5b6d2e1bc09ea3f?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FrUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3Dnmw6ZbJ52fRHTufjV4ouOX6vIVhH1Idl7Vv0ofFcGypNt4ps-lNCTW1hgOLRJjmGMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM3m28V01wm7h3DUuvNrO3cFPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: nZPaCeepSHMZbbh+xShfnA==
age: 2127861
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4FEC22F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 34431595-801e-001e-21ec-5001fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a96912d963-HEL

GET
H2 200 document.00000024C865BF.js Show response
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/4072106/5151813/ Frame 41AD 43 KB
11 KB 58ms
58ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/published/4072106/5151813/document.00000024C865BF.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6347f1a8e5b6d2e1bc09ea3f?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FrUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3Dnmw6ZbJ52fRHTufjV4ouOX6vIVhH1Idl7Vv0ofFcGypNt4ps-lNCTW1hgOLRJjmGMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM3m28V01wm7h3DUuvNrO3cFPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaca8346c787d53e7cb3432737acabd1880cde83b7f78514f05b23363ecce971

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 7rfNJ8nI+YhNTmbTnFmqQw==
age: 840806
cf-polished: origSize=46674
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 10:42:19 GMT
server: cloudflare
etag: W/"0x8DB2AC21CBA570D"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 71b41966-901e-0070-45ab-5c54d1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a96916d963-HEL

GET
H2 200 animated-creative.c2655198c23d97618c7a.js Show response
c.bannerflow.net/scripts/ Frame 41AD 156 KB
53 KB 64ms
64ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.c2655198c23d97618c7a.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6347f1a8e5b6d2e1bc09ea3f?did=5ced02fe0fd60d000186f5ac&deeplink=on&redirecturl=https%3A%2F%2Feu.sportradarserving.com%2Fclick%2FrUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs%2F%2F%3Fclick3rd%3Dhttps%253A%252F%252Fclicktrack.pubmatic.com%252FAdServer%252FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA%253D_url%253D%26lp_d2a97axd%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59752049%3Badfibeg%3D0%3Bcdata%3Dnmw6ZbJ52fRHTufjV4ouOX6vIVhH1Idl7Vv0ofFcGypNt4ps-lNCTW1hgOLRJjmGMmex1_84sWrK-0xVU5u4x9j8G45s1tzMYaJU2uM20NlrKgVJEb1vM3m28V01wm7h3DUuvNrO3cFPuDAuPMtxzA2%3B%3BCREFURL%3Dhttps%253a%252f%252fsharemods.com%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff137bded249186aa62ccd3ff67d53e4c98492138f3ffc871323adc0ecc514d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: IpDGBro1F7zbcCkcovzbgQ==
age: 802248
cf-polished: origSize=159325
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 14:02:16 GMT
server: cloudflare
etag: W/"0x8DB294BB696F23E"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5a9134c7-201e-005a-8037-5b8bc1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b0e03a96919d963-HEL

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5F8C 52 KB
17 KB 317ms
81ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 01 Apr 2023 04:16:01 GMT
ETag: "623de86a-cf34"
Expires: Sun, 02 Apr 2023 04:16:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame 3EE7 7 KB
3 KB 189ms
84ms Document
text/html 2606:4700:3031::6815:5dd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd39f3e498ab80f5f15e6d73a95de93e86db5a074748adf31afd850128640f14

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b0e03aa6dcbd926-HEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 01 Apr 2023 04:16:01 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Smop0HR9vtGHSfDKbWuwoVDHvxSQlTF47%2F8Iot8VGwoGT6CXVfyjAtleHgitYjzBfaIqTND6yCDDKN49SAOGqG7z%2FdGVSXB30wSsxBEcak3dQbtvphvt5%2F5x%2BLYV8sDBkh8KuOmvAb%2FwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F8F8 16 KB
6 KB 72ms
72ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=38646
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 01 Apr 2023 04:16:01 GMT
expires: Sat, 01 Apr 2023 15:00:07 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame A289 0
0 69ms
69ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1680322558257

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

visitormatch Show response
bh.contextweb.com/ Frame 0F8B
Redirect Chain

https://bh.contextweb.com/visitormatch
https://bh.contextweb.com/visitormatch?reat=1

27 B
473 B

135ms
135ms

Document
text/html

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch?reat=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.50.v20221201) /

Resource Hash

ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: fi-FI
content-type: text/html;charset=iso-8859-1
cw-server: bh-deployment-7dfdb4b8db-6pb77
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.50.v20221201)
strict-transport-security: max-age=15768000

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: fi-FI
cw-server: bh-deployment-7dfdb4b8db-6pb77
expires: -1
location: /visitormatch?reat=1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.50.v20221201)
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E45B 281 B
554 B 219ms
69ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3928
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Apr 2023 04:16:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H2 200 /
track.adform.net/serving/unload/ Frame 41AD 35 B
598 B 64ms
64ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5053906582621647486@@59752049,3157522010524852743,64|1018|0|0|0|0|0|0|0||26|1|||||1|0|0|gi_SlYsDj5XxBx_RTJEBJ-J7M8hLlDZAuFuVN3MKwAZx0tedsZ3mCvL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://eu.sportradarserving.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0982 35 B
598 B 66ms
66ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5053906582621647486@@59752049,6704290948109442258,100|1016|0|0|0|0|0|0|0||40|1|||||1|0|0|gi_SlYsDj5XxBx_RTJEBJ-J7M8hLlDZAuFuVN3MKwAaD4xXvfQx72PL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://eu.sportradarserving.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
DATA 200
OK truncated
/ Frame 41AD 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 14e567de-8dbd-4b78-ab1e-fa3101e02255 Show response
https://eu.sportradarserving.com/ Frame A8B6 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eu.sportradarserving.com/14e567de-8dbd-4b78-ab1e-fa3101e02255
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.c2655198c23d97618c7a.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 41AD 5 KB
5 KB 49ms
48ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2F37fb733d-aa7d-4607-844f-5abf0fdbce9f.woff&t=%20%26%2B-.%2F012458ACGMPRTZabcdeghilmnoprstuy%E2%80%AF
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ad2128b1deb43013eed402a95a4f89c2e62822fbde21e1e073807678a048f4

Request headers

Referer: https://eu.sportradarserving.com/
Origin: https://eu.sportradarserving.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 11:56:21 GMT
server: cloudflare
age: 19071093
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=37fb733d-aa7d-4607-844f-5abf0fdbce9f-subset.woff
cf-ray: 7b0e03aaaa9a3769-HEL
expires: Wed, 28 Jun 2023 11:56:21 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame CC81 0
260 B 232ms
74ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
DATA 200
OK truncated
/ Frame 0982 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK b53e2a67-3459-42b5-b9d9-82b1b2a0288e Show response
https://eu.sportradarserving.com/ Frame DA62 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eu.sportradarserving.com/b53e2a67-3459-42b5-b9d9-82b1b2a0288e
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 getuid
eb2.3lift.com/ Frame 3EE7 37 B
140 B 178ms
65ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 41AD 3 KB
3 KB 64ms
64ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2Fb24e7088-cf54-4526-b50b-8ce7ca7ce99c.woff&t=%20%27ABCEGIKLNORSTUVYZ
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rUryzt9ydTXjG6WpqXXsUdp9ErlDaLmAnGv28IoJQgqcIP0Ou1eTss_3ROAM-ySi7ZXIT7AUBJCIoJHPrDnc_3QOBGEIRENtdQEyYYb-OD4hyLw-QcfC9AnP6wEwldtM4BF6VN77OoRXZ7PAtIo1fVFw4gaCfw3KkJywMEk5AaofgfnGoVZrKlfY-TQiwSFQHtlwAo9rWFYLiqydCkH7INXAz3GSakHYG1fVItMn5sfmEKSQt1vfMScDpyJIR6odVrgPi2dNw8KIi6c9A147_JKM2FnWZBmLradJI5DsP3jRNvzbaAYtCQDZfYyxCjoiCzbaS21MnFWnXKHkMge3CK7hY-gpsCMCTQU1BSUosilaEmHPt9hy8g1jmSa_ybyvGvBrbBW-ILjYOaAIaAmYmvdizJgQvTG6LLpf2n61_SUkPpzuaJx0r01qDYmxaDC0nxt4cBo-VwsyRpF_ABOF6y3sbcSrH9NqtKR9MnmJPzF1KOW_LjjZga-XrZ5dUTv8OsgZW2oL47mAgbMLVw74-7Llz7xiQly3r_Asiam5iVHMrXeRfGsbw4kkUCFomrpNOUQ3N01GxiumR6zsS_xLZGXoPT58jv1SJQqCeUcbogAlYfG7S4FxxLj4H6Z7uR2beKhBn_zfdap6bwJIDhjxKKLwRzGu6w_4PUjlBPmYvRZN6WyE64d4W7vOphoXdatXjBhenJzTZ1Is2L9sL90sYS3ZG98zjYr8fhG_rLShHxHryj1vs_cLARLE_euFmjWAHHtsA7mjegope44hGOYkmBuwSXo1xfJxut5_xtorVO-fs7H3aJEy7d4mmUONF4ysd_6ijQdyBAdGn1bwtoawFXUG4OqstbueRfehBgRpMww-cvcDPKgCSsuAd7c6-FoSnZjbB00T35lvca5cozAQuuJV6lu0xlrGGLqGiib9W0dH33enbSrJUGyFQoJSd1p0Jr6mGp_h6b7uQXRFU5C7XF34FAbUDFReP4DODqbtcWWx_jz_mW-bnchxMB6Rojnw_Cm5A6Ia-6dNEvR93PqG-hGWe7k4GhmSAH3IL3imVTiYny7Pc7XsSUodpM5REhGr8QQmPPW6of2yjzgW-brx2u_kskQHnidbi63xVGPICBqLH9pfo-N63eFoAD_wlU8jgMyGffjCESo8Lr6lnkMeAqpdThyQ_0wKA9egZbLfcO_2zMQTllMGckj0xgs/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9MjZDQjRFNTQtRUUwOC00RDVBLUFBQTctODJFMEEyRDUyMTlBJnBhc3NiYWNrPTA=_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b528567148a28f79ebc9f92eee7973be173857c6329020a007a8983c06c30fc

Request headers

Referer: https://eu.sportradarserving.com/
Origin: https://eu.sportradarserving.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:42:27 GMT
server: cloudflare
age: 840814
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=b24e7088-cf54-4526-b50b-8ce7ca7ce99c-subset.woff
cf-ray: 7b0e03ab2bbf3769-HEL
expires: Thu, 21 Mar 2024 10:42:27 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 0982 5 KB
5 KB 51ms
51ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2F37fb733d-aa7d-4607-844f-5abf0fdbce9f.woff&t=%20%26%2B-.%2F012458ACGMPRTZabcdeghilmnoprstuy%E2%80%AF
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ad2128b1deb43013eed402a95a4f89c2e62822fbde21e1e073807678a048f4

Request headers

Referer: https://eu.sportradarserving.com/
Origin: https://eu.sportradarserving.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 11:56:21 GMT
server: cloudflare
age: 19071093
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=37fb733d-aa7d-4607-844f-5abf0fdbce9f-subset.woff
cf-ray: 7b0e03ab3be23769-HEL
expires: Wed, 28 Jun 2023 11:56:21 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E45B 34 KB
10 KB 70ms
70ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: cf20da05e001783a309414cbdf571871bc8ede3ec9af0c06999b00af7df4053b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 04:16:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Mar 2023 23:28:53 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69175
Connection: keep-alive
Content-Length: 10016
Expires: Sat, 01 Apr 2023 23:28:56 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 0982 3 KB
3 KB 59ms
59ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55964b6ae202e726c80b2b79%2Fb24e7088-cf54-4526-b50b-8ce7ca7ce99c.woff&t=%20ADEGHIJLNOPRSTU
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjE5MSZzaXRlSWQ9NjA3ODE3JmFkSWQ9MjMwMjgyNCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY1MzAmY3JlYXRpdmVJZD0wJnVjcmlkPTQxNjE3ODQxMzU5MDQwOTcwNDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9NkY4MDI0MkEtNjY1Ri00MTJGLUFENUMtRTQ2QjVEOERBNjA2JnBhc3NiYWNrPTA=_url=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe329b568b00b8b2526c83653449fc8ee68dc115bc8640e32df8c052e323a028

Request headers

Referer: https://eu.sportradarserving.com/
Origin: https://eu.sportradarserving.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Mon, 09 Jan 2023 14:32:57 GMT
server: cloudflare
age: 7047784
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=b24e7088-cf54-4526-b50b-8ce7ca7ce99c-subset.woff
cf-ray: 7b0e03ab8c7d3769-HEL
expires: Tue, 09 Jan 2024 14:32:57 GMT

GET
H2 200 e8d179b9-ab54-452d-9dde-52118c1236a1.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame B4F1 2 KB
1 KB 53ms
52ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/e8d179b9-ab54-452d-9dde-52118c1236a1.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.c2655198c23d97618c7a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52592c8e3fa87fa00e7ad943311a53b2150c0ced47b3eface98148aa530fa6e0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: pmsjXD/cCOwQRCjPSnAOyA==
age: 5121
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jun 2022 10:17:55 GMT
server: cloudflare
etag: W/"0x8DA493827989C48"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bde57602-401e-005c-2633-26b87e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03ab9d6bd963-HEL

GET
H2 200 d7517abb-6731-434e-b6be-8e77cebde944.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame B4F1 3 KB
857 B 51ms
50ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/d7517abb-6731-434e-b6be-8e77cebde944.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb7c8a9879ce9baeaa8e0fb049ef850d59b9885ccb47cfa5b63927f03ed32e4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 3iJJp4KTEnv8OUt6m0yA6Q==
age: 6053
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jun 2022 10:22:18 GMT
server: cloudflare
etag: W/"0x8DA4938C429B352"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 38e570f3-d01e-0061-5b3a-f6ce65000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03abbda8d963-HEL

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame B4F1 22 KB
23 KB 52ms
52ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2F0daa3883-2dbb-4bc4-bafe-c575a6c1f01f.png&w=174&h=275&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef1406e04cd0007b680fd5af2737e99d537f913b303671ca4a97f4c7a008bc0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 16:59:10 GMT
api-supported-versions: 2.0
server: cloudflare
age: 40584
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03abbda9d963-HEL
content-length: 22950
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame B4F1 8 KB
8 KB 53ms
52ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2Fc0938a44-b433-4b12-b50d-0a073576becf.png&w=103&h=96&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b03be2d5c0a5e20b82f882fb852f42700e9a80dc732835172217ab2643b2b3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 16:59:09 GMT
api-supported-versions: 2.0
server: cloudflare
age: 40584
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03abdddbd963-HEL
content-length: 8032
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 995a8f930d924c778c584a8fc101a3ea.png
c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/ Frame 9B0F 1 KB
1 KB 64ms
64ms Image
image/png 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Requested by: Host:
URL: widget-f30cc679-94c0-407e-921d-5db651b874d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
cf-cache-status: HIT
content-md5: sBg/GuNpWi7mr15cMmphoQ==
age: 6109
content-length: 1126
x-ms-lease-status: unlocked
last-modified: Mon, 15 Jun 2020 08:14:13 GMT
server: cloudflare
etag: 0x8D811041715F955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8a73e034-201e-0091-7d4c-848894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0e03abfe1ed963-HEL

GET
H2 200 bb0a12d0-68ef-4e11-b1e3-73f3ea1c9ae5.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame 91A2 26 KB
9 KB 65ms
65ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/bb0a12d0-68ef-4e11-b1e3-73f3ea1c9ae5.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e473769e129230a0e1c00bd3938489769c24d0ce4783f627421dfa5a38e6829f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: jN0Pag23ZukUyIMmUlBDrA==
age: 5940
x-ms-lease-status: unlocked
last-modified: Mon, 28 Nov 2022 07:19:09 GMT
server: cloudflare
etag: W/"0x8DAD110D7D13106"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 02c95e59-e01e-0018-3635-063241000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03abfe33d963-HEL

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 5F8C
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
935 B

132ms
132ms

Script
text/html

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:16:02 GMT
AN-X-Request-Uuid: 32fd0cbb-937c-4892-8e3a-5da56b950a46
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.212.149.205; 185.212.149.205; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:16:01 GMT
AN-X-Request-Uuid: 66d68ae0-0b2a-45de-839e-2d4396fda4cd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.212.149.205; 185.212.149.205; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d7517abb-6731-434e-b6be-8e77cebde944.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame ABD0 3 KB
764 B 76ms
75ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/d7517abb-6731-434e-b6be-8e77cebde944.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb7c8a9879ce9baeaa8e0fb049ef850d59b9885ccb47cfa5b63927f03ed32e4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 3iJJp4KTEnv8OUt6m0yA6Q==
age: 6053
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jun 2022 10:22:18 GMT
server: cloudflare
etag: W/"0x8DA4938C429B352"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 38e570f3-d01e-0061-5b3a-f6ce65000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03ac2ee9d963-HEL

GET
H2 200 275d3d6c-1262-4918-baa7-9062a1aee0ad.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame ABD0 4 KB
2 KB 68ms
68ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/275d3d6c-1262-4918-baa7-9062a1aee0ad.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74b70db5e11d6d18c8d830a5b8b00994e8442a94b248808d9ac6bcc725db7933

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: mmOwELBMjw1O6lEOligxpA==
age: 5500
x-ms-lease-status: unlocked
last-modified: Thu, 19 May 2022 13:09:38 GMT
server: cloudflare
etag: W/"0x8DA3998D41A4DE5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 71c55704-401e-002e-6d4d-07bf31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03ac7fdbd963-HEL

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame ABD0 5 KB
5 KB 65ms
64ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2F00b63ae5-f4c5-4b0d-8590-754e1ef0e7d3.png&w=146&h=242&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e160ac8bc2e74f2eb3835677318da6c6b1bd0b678b41b183555a0f08f3b473c4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 19:12:02 GMT
api-supported-versions: 2.0
server: cloudflare
age: 32612
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03ac8824d963-HEL
content-length: 5476
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame ABD0 18 KB
18 KB 54ms
54ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2F7e14eacf-f075-4fde-b7a5-e755eb7dd6c2.png&w=174&h=154&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2109553ad3bfed82dd98c75faa941072d7ba84647bb6156dc5f8586e4f3652d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 19:12:02 GMT
api-supported-versions: 2.0
server: cloudflare
age: 32612
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03ac8826d963-HEL
content-length: 18084
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 995a8f930d924c778c584a8fc101a3ea.png
c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/ Frame 1197 1 KB
1 KB 71ms
71ms Image
image/png 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Requested by: Host:
URL: widget-5bd8ed20-06fc-4431-b2a8-c075ac12de16.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
content-md5: sBg/GuNpWi7mr15cMmphoQ==
age: 6110
content-length: 1126
x-ms-lease-status: unlocked
last-modified: Mon, 15 Jun 2020 08:14:13 GMT
server: cloudflare
etag: 0x8D811041715F955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8a73e034-201e-0091-7d4c-848894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0e03aca846d963-HEL

GET
H2 200 bc851aab-ef08-46ea-8c92-87eae44658ed.svg
c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/ Frame 5496 30 KB
13 KB 56ms
56ms Image
image/svg+xml 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betsson/5f9a85a09e903b2d404cee99/images/bc851aab-ef08-46ea-8c92-87eae44658ed.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb373b5b3860b665126c5b1e9c6654868aec3d4bd993bb7b09ff4b158e149ac

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: TDfsqnwpr2NRyaQ0FdQ6Pw==
age: 921
x-ms-lease-status: unlocked
last-modified: Thu, 09 Jun 2022 14:01:05 GMT
server: cloudflare
etag: W/"0x8DA4A207EEBE8F0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c5c4c70d-301e-0079-3737-011102000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7b0e03aca850d963-HEL

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4075 4 KB
4 KB 53ms
53ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2Fd23967fa-ca1c-459e-ad27-6d8be70376cd.png&w=115&h=115&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cde08c04d2dfe9d4f956464bcd30c28be9c1b73e29922ad190a54094dc3627ef

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 20:21:41 GMT
api-supported-versions: 2.0
server: cloudflare
age: 28294
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03acd881d963-HEL
content-length: 4084
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame E76D 4 KB
4 KB 51ms
50ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetsson%2F5f9a85a09e903b2d404cee99%2Fimages%2F0087e6db-cb6c-4741-b8a3-1069484c3860.png&w=100&h=100&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86664688e5edd120ed97630748a5ef616058efd0581bc873e7758d72cce1bc5f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 19:13:07 GMT
api-supported-versions: 2.0
server: cloudflare
age: 32562
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b0e03acd88cd963-HEL
content-length: 4230
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 75ms
75ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1680322562047&event=plstarttry&d=9784&vs=0&aps=3&playerVisible=2&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
last-modified: Saturday, 01-Apr-2023 04:16:02 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 76ms
75ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1680322562054&event=adsearch&d=9784&vs=0&aps=3&playerVisible=2&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
last-modified: Saturday, 01-Apr-2023 04:16:02 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FC67 107 B
165 B 81ms
80ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sharemods.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 3EE7
Redirect Chain

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=34927915656ee6273ee7683233977b0392da856350bf6dbf23a2833d32a33b86

86 B
564 B

220ms
76ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=34927915656ee6273ee7683233977b0392da856350bf6dbf23a2833d32a33b86
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
content-length: 86
content-type: image/png

Redirect headers

Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=34927915656ee6273ee7683233977b0392da856350bf6dbf23a2833d32a33b86
Pragma: no-cache
Date: Sat, 01 Apr 2023 04:16:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 206 Untitled-dde00f0b9b604f3298b640a2c655f8c2.mp4
c.bannerflow.net/bf-videos/55964b6ae202e726c80b2b79/ Frame 8472 255 KB
0 91ms
90ms Media
video/mp4 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/55964b6ae202e726c80b2b79/Untitled-dde00f0b9b604f3298b640a2c655f8c2.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
content-md5: U/4GmfJRr0DSh4WNlogMzg==
age: 2730
x-ms-server-encrypted: true
Content-Range: bytes 0-1391682/1391683
Content-Length: 1391683
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Thu, 15 Dec 2022 18:25:35 GMT
last-modified: Thu, 15 Dec 2022 18:25:35 GMT
server: cloudflare
etag: "0x8DADEC9C26CBEEE"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
x-ms-request-id: 871bec45-601e-001b-6b2f-247f54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7b0e03ad08f0d963-HEL

GET
H/1.1

204
No Content

token
pixel.rubiconproject.com/ Frame E45B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TLDK_jLKTqOLFRZhKngLXA&rk=usync-na

0
214 B

66ms
66ms

Image
text/plain

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TLDK_jLKTqOLFRZhKngLXA&rk=usync-na
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:16:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5M0WJ5QBP1M1A3BF82BA
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TLDK_jLKTqOLFRZhKngLXA&rk=usync-na
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E45B
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFXGNZW1-1G-EVW1

0
648 B

320ms
206ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFXGNZW1-1G-EVW1
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7CBF4E02BABD484CAB24977B94FEF5AF Ref B: STOEDGE1211 Ref C: 2023-04-01T04:16:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4PpVzC9uMygHalcaDZQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFXGNZW1-1G-EVW1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E45B 70 B
265 B 267ms
87ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

422
Unprocessable Entity

tap.php
pixel.rubiconproject.com/ Frame E45B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJpPpkt-yelGZPOZF06N3zU&google_cver=1

0
0

292ms
67ms

Image
text/plain

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJpPpkt-yelGZPOZF06N3zU&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJpPpkt-yelGZPOZF06N3zU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E45B
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEZYR05aVzEtMUctRVZXMQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEATwODinEfmVmNp3Zef11FU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZYR05aVzEtMUctRVZXMQ==&google_push=

170 B
188 B

80ms
80ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZYR05aVzEtMUctRVZXMQ==&google_push=

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZYR05aVzEtMUctRVZXMQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E45B
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/RXgV40H86mxo8P4RZ1DnyMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-f7l5ZcZE2oLXwIGnHnO5nKMToaRnQBelCLR4Rg--~A

0
239 B

146ms
64ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-f7l5ZcZE2oLXwIGnHnO5nKMToaRnQBelCLR4Rg--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 01 Apr 2023 04:16:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-f7l5ZcZE2oLXwIGnHnO5nKMToaRnQBelCLR4Rg--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E45B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=49IchnvdTF2puZbO4CZIIg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=49IchnvdTF2puZbO4CZIIg

43 B
479 B

161ms
160ms

Image
image/gif

67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=49IchnvdTF2puZbO4CZIIg

Protocol

HTTP/1.1

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:16:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZY1HZHKNPVAV2VEGH40J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=49IchnvdTF2puZbO4CZIIg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E45B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMxMmJhNGVkYjdkZDFkOTc0Yzk4ZjMxMmYzNWU2MTg4OGI4YzM2Nw

170 B
188 B

81ms
80ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMxMmJhNGVkYjdkZDFkOTc0Yzk4ZjMxMmYzNWU2MTg4OGI4YzM2Nw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMxMmJhNGVkYjdkZDFkOTc0Yzk4ZjMxMmYzNWU2MTg4OGI4YzM2Nw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 995a8f930d924c778c584a8fc101a3ea.png
c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/ Frame C22D 1 KB
1 KB 80ms
79ms Image
image/png 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Requested by: Host:
URL: widget-4fd7620b-3f46-4733-8046-5bd30e6ee05c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
content-md5: sBg/GuNpWi7mr15cMmphoQ==
age: 6110
content-length: 1126
x-ms-lease-status: unlocked
last-modified: Mon, 15 Jun 2020 08:14:13 GMT
server: cloudflare
etag: 0x8D811041715F955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8a73e034-201e-0091-7d4c-848894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0e03ad091dd963-HEL

POST
H2 204 csi
csi.gstatic.com/ Frame 069D 0
234 B 243ms
78ms Ping
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lfxgo1bi&c=6045814102754&slotId=3022907051377&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_lt.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 069D 124 B
328 B 106ms
84ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F147246189%2C21696195204%2Fsharemods.com_instream&description_url=https%3A%2F%2Fsharemods.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=120000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=903373056025854&sdkv=h.3.566.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3108524239&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.566.2&sid=B3975DAA-DFE0-48AA-AF83-C857145EE1AF&a3p=EhwKDWNyd2RjbnRybC5uZXQYjvmd2PMwSABSAghkEhkKCnB1YmNpZC5vcmcYl_qd2PMwSABSAghqEhsKDmVzcC5jcml0ZW8uY29tEgAYlPqd2PMwSAAS1gEKCHJ0YmhvdXNlEsABb2xWN1lkOW9OSEtGZWpVWHl2YmYvdWt0WDFCMjd2NVZBYVBONitsYlBic2M1RGp6eU4zRDVrUm5BT093WGQrLzl3VmtjSExsRTlMMDE0OXIwQnhlb1ZRcC8rcGdTQUNrYzBxSlMzR2VYTy9jMzhXNTZpQzFITUMwVSszdVFJR2ZyYSthQm9uK05LT2NlRFNiVEhaVXE3TUF4QXZKZXRDZm54K1FtN05WU0laNTVySUVFeDdXQThMek11MHhsdnl6GJv9ndjzMEgAEhkKCnVpZGFwaS5jb20Yjvmd2PMwSABSAghkEj4KBW9wZW54EixleUpwSWpvaVIwY3hSakI0TDJKVFdubExVbE5OT1RNdmVHRnFkejA5SW4wPRjm_p3Y8zBIABIbCgxpZDUtc3luYy5jb20Ysfud2PMwSABSAghq&nel=0&eid=44736293%2C44748969%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&ref=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&url=https%3A%2F%2Fsharemods.com%2F2lwvzsfwm4dx%2Fxw30.zip.html&dlt=1680322558227&idt=1985&dt=1680322562182&cookie=ID%3D758f2039d4a63bbd%3AT%3D1680322558%3AS%3DALNI_MZf4tHDFJ82pv3w5kfDoJOaOLlwgw&gpic=UID%3D00000bcf12acb52e%3AT%3D1680322558%3ART%3D1680322558%3AS%3DALNI_MbLBz3xTOGx2zmcSn6MTIdBBYiftw&scor=2957768399133841&ged=ve4_td4_tt2_pd4_la4000_er1669.230.1669.230_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_lt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 Untitled-dde00f0b9b604f3298b640a2c655f8c2.mp4
c.bannerflow.net/bf-videos/55964b6ae202e726c80b2b79/ Frame 8472 15 KB
15 KB 57ms
56ms Media
video/mp4 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/55964b6ae202e726c80b2b79/Untitled-dde00f0b9b604f3298b640a2c655f8c2.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f624b30f3395d217eaa2571be70f7ab961f9dda7e0ebd73417887886464663f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=1376256-

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
content-md5: U/4GmfJRr0DSh4WNlogMzg==
age: 2730
x-ms-server-encrypted: true
Content-Range: bytes 1376256-1391682/1391683
Content-Length: 15427
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Thu, 15 Dec 2022 18:25:35 GMT
last-modified: Thu, 15 Dec 2022 18:25:35 GMT
server: cloudflare
etag: "0x8DADEC9C26CBEEE"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
x-ms-request-id: 871bec45-601e-001b-6b2f-247f54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7b0e03adcafad963-HEL

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8139 35 B
598 B 64ms
64ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5053906582621647486@@59752039,6197325580846705929,100|1070|0|0|0|0|0|0|0||49|1|||||1|0|0|VPRlcPQBR6HxBx_RTJEBJ-J7M8hLlDZAuFuVN3MKwAbDL8kidoMWMvL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.sportradarserving.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://eu.sportradarserving.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 206 Untitled-dde00f0b9b604f3298b640a2c655f8c2.mp4
c.bannerflow.net/bf-videos/55964b6ae202e726c80b2b79/ Frame 8472 1 MB
1 MB 66ms
66ms Media
video/mp4 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/55964b6ae202e726c80b2b79/Untitled-dde00f0b9b604f3298b640a2c655f8c2.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f404a2e555dfdf4b8abd0680b75f19b7479e19aa0ec0c7f75cab5860680ba2f7

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=229376-

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
content-md5: U/4GmfJRr0DSh4WNlogMzg==
age: 2730
x-ms-server-encrypted: true
Content-Range: bytes 229376-1391682/1391683
Content-Length: 1162307
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Thu, 15 Dec 2022 18:25:35 GMT
last-modified: Thu, 15 Dec 2022 18:25:35 GMT
server: cloudflare
etag: "0x8DADEC9C26CBEEE"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
x-ms-request-id: 871bec45-601e-001b-6b2f-247f54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7b0e03ae4c2dd963-HEL

POST
H2 204 csi
csi.gstatic.com/ Frame 069D 0
54 B 99ms
78ms Ping
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lfxgo2uh&c=6045814102754&slotId=3022907051377&ghmsh_eids=44736293%2C44748969%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&vast_v=4.1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_lt.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cntr.png Show response
cdn.onnetwork.tv/cnt/ Frame 069D 126 B
368 B 75ms
75ms Fetch
image/png 87.98.236.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntr.png?ts=16803225620&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=3&pv=2&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.566.2_lt.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: vh11c.eris-w26.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
last-modified: Fri, 08 Nov 2019 15:04:48 GMT
server: XO.webservantpro
accept-ranges: bytes
content-length: 126
content-type: image/png

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 75ms
75ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1680322562312&event=adnotpresent&d=9784&vs=0&aps=3&playerVisible=2&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
last-modified: Saturday, 01-Apr-2023 04:16:02 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntn.png
cdn.onnetwork.tv/cnt/ Frame FC67 126 B
331 B 76ms
75ms Image
image/png 178.32.200.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntn.png?ts=1680322562312&d=9784&mobile=0&bp=0&ap=3&lin=1&muted=1&fna=1&ab=0&co=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.200.56 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w17.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sharemods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
last-modified: Saturday, 01-Apr-2023 04:16:02 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9A43 1 KB
1 KB 71ms
71ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45344471&p=156191&s=607817&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=6&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 40661a4f1d23c164d75023f2b9c8b8f767c2ed085e458cc99beb317aa4105dc3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 01 Apr 2023 04:16:02 GMT
content-length: 1081
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1C8E 1 KB
1 KB 72ms
71ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74004498&p=156191&s=607817&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=6&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 40661a4f1d23c164d75023f2b9c8b8f767c2ed085e458cc99beb317aa4105dc3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 01 Apr 2023 04:16:02 GMT
content-length: 1081
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9E1E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

73ms
72ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:16:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 04:16:02 GMT
expires: Sat, 01 Apr 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1043135
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A8E3
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_jaF1f82BIYrtgVAqnFQgCq2kMY-NsXBv3v1e4h

42 B
416 B

66ms
66ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_jaF1f82BIYrtgVAqnFQgCq2kMY-NsXBv3v1e4h
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:16:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sat, 01 Apr 2023 04:16:02 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A_jaF1f82BIYrtgVAqnFQgCq2kMY-NsXBv3v1e4h
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 2D85 43 B
855 B 231ms
98ms Document
image/gif 67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 01 Apr 2023 04:16:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0WEKFK17DMN55W6ESWAK

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E9AA
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=

42 B
297 B

73ms
73ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:16:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 6763ec38-4fa1-444f-9b7c-e0b8bc2dce6d
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 01 Apr 2023 04:16:02 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.212.149.205; 185.212.149.205; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9A43 70 B
264 B 88ms
87ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 9A43
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0

0
260 B

211ms
66ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0
date: Sat, 01 Apr 2023 04:16:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1C8E 70 B
264 B 87ms
87ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 01 Apr 2023 04:16:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 725B
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

73ms
72ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:16:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 04:16:02 GMT
expires: Sat, 01 Apr 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1016395
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 15EE
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6

42 B
414 B

66ms
66ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:16:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sat, 01 Apr 2023 04:16:02 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame DD62 43 B
855 B 238ms
92ms Document
image/gif 67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 01 Apr 2023 04:16:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4WKAFFAHS8C1A8RZPSEX

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1778
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=

42 B
97 B

73ms
73ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 01 Apr 2023 04:16:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 8d901ff4-0748-442a-814f-6fcc4b460eac
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 01 Apr 2023 04:16:02 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1178593671962508712&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.212.149.205; 185.212.149.205; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1C8E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0

0
128 B

212ms
67ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQG4EudE2uVqkXQjoabrsPGFT84X1PQ-~A&gdpr=0
date: Sat, 01 Apr 2023 04:16:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 995a8f930d924c778c584a8fc101a3ea.png
c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/ Frame 9B0F 1 KB
1 KB 50ms
50ms Image
image/png 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/design-store/57d7b22dbd8d3e134cf20f9a/images/995a8f930d924c778c584a8fc101a3ea.png
Requested by: Host:
URL: widget-f30cc679-94c0-407e-921d-5db651b874d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 01 Apr 2023 04:16:02 GMT
cf-cache-status: HIT
content-md5: sBg/GuNpWi7mr15cMmphoQ==
age: 6110
content-length: 1126
x-ms-lease-status: unlocked
last-modified: Mon, 15 Jun 2020 08:14:13 GMT
server: cloudflare
etag: 0x8D811041715F955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8a73e034-201e-0091-7d4c-848894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b0e03b0da49d963-HEL

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 73F4 49 KB
18 KB 290ms
83ms Document
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sat, 01 Apr 2023 04:16:03 GMT
etag: W/"64243ed7-c28e"
last-modified: Wed, 29 Mar 2023 13:36:23 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1rgXM7WL/6G8DAA
x-77-nzt-ray: 25b02131fe9ab1a203b02764e46a9b09
x-77-pop: frankfurtDE
x-accel-expires: @1681134107
x-age: 225256
x-cache: HIT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F8C 0
863 B 68ms
68ms Script
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:16:02 GMT
AN-X-Request-Uuid: 627fe6ed-0703-48d4-99c2-ad02137ff6ad
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.212.149.205; 185.212.149.205; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 3EE7
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZCewA2had9wYhgE3V7fsYAAA%265142

86 B
696 B

68ms
67ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZCewA2had9wYhgE3V7fsYAAA%265142
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:03 GMT
content-length: 86
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Sat, 01 Apr 2023 04:16:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZCewA2had9wYhgE3V7fsYAAA%265142
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 73F4 1 KB
767 B 284ms
80ms XHR
application/json 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Apr 2023 04:16:03 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 236118
x-77-nzt: AZySIRBP2L//VpoDAA
x-accel-expires: @1681123245
last-modified: Wed, 29 Mar 2023 10:31:18 GMT
server: CDN77-Turbo
etag: W/"64241376-446"
x-77-nzt-ray: f6587a1dc3d9731a03b02764f26f7826
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B38B 16 KB
6 KB 72ms
72ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=38644
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 01 Apr 2023 04:16:03 GMT
expires: Sat, 01 Apr 2023 15:00:07 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 3EE7 0
277 B 226ms
72ms Image
text/plain 216.52.2.86

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 01 Apr 2023 04:16:04 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3EE7 0
239 B 65ms
64ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 3EE7
Redirect Chain

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5053906582621647486

86 B
812 B

68ms
67ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5053906582621647486
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:16:04 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5053906582621647486
date: Sat, 01 Apr 2023 04:16:04 GMT
server: nginx
content-length: 0
content-type: text/plain

GET SPug
simage4.pubmatic.com/AdServer/ Frame 9A43 0
0

GET SPug
simage4.pubmatic.com/AdServer/ Frame 1C8E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=

Domain: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

323 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sharemods.com/	1970-01-20 11:05:32	Name: affiliate Value: MOxTU761B4MMJS9voUK5HzvjIXEgk%2B2moM1j55Gtlh5X5lY9QegpzaBg0Ppry234EyPdOT7Yd4vMTxivzSUb6mVWxmQ%2FHKUtghHm6Bg%3D
sharemods.com/	1970-01-20 10:45:24	Name: stpdOrigin Value: {"origin":"direct"}
forworksyconus.com/	1970-01-20 10:46:48	Name: GL_UI4 Value: eJw9jd1OhDAYRPln1QWdhAfwEaiIwqXZh%2FCSfLSVrQvtplSIb29joldzMjmTCYIgqu4RblmC%2BItaPLbPNeuaruev1DxRJ166diRidd2zkTc9x41aB0fjLF2Cw7qQdYPbEhwnqaVVfOBGyAIP3vprLtrsOkE6WtKiQLp4Yy6Qj9bsq7RVjETTIpGdztb4TBf6NBYxY8yz0p7DGpFZq7i8Rf6utPDD8oiI1WWZBbi7zuQ%2BjF0GJbIQ6WRJSIRvOHBycjL2G7mQ68WZK2BmMfz7v7%2FxzmpkQm6K%2B3PjztL%2BAMpKTew%3D
forworksyconus.com/	1970-01-20 10:46:48	Name: GL_GI10 Value: eJxNjMFqwkAUReOkTRVFeeAHjB%2FQ0AQFuxaCQqmL4noYkmd4NJk3zEyk6dc3bUC6u%2Fdczo2iSKyXIMjCKtvv0jzL02z7muYvO4hrZBDFCRYldya4XhndIjwVZBptKkgc1sQGRLaH%2BZhVyRXCY3F6%2FsdG69J5arWGh5JCD9MjNp7MJ8Hst4%2FefPDuPCZvYXPu5cGhlu980%2FLIPpCp5Qc3XRie5VuoYGYwKG8Rh3hgZ9npgLC807%2FrJIYpeWUdf%2FXJBFaBWvxmg4qvV49hmCe3RPwAKd1RDA%3D%3D
sharemods.com/	1970-01-20 11:28:34	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sharemods.com/	1970-01-20 20:21:22	Name: _ga Value: GA1.2.787666057.1680322558
.sharemods.com/	1970-01-20 10:46:48	Name: _gid Value: GA1.2.372308589.1680322558
.sharemods.com/	1970-01-20 10:45:22	Name: _gat_gtag_UA_15082559_23 Value: 1
.sharemods.com/	1970-01-20 10:45:24	Name: __cf_bm Value: mHNvYytrTOo9LgxxaPY_KP3Qto0IgQprbtrP19.S0CM-1680322558-0-AfnFBCEZtg8RmXlbQTHbRNB1EmHH8fenK/pvaucK1g7Rl4s/7XUYafXHrTkoFKFHQD5lSA0hQ8WwDUPO2Ea2gm35btN8qjayF7Hd1SVysdiCIFMWdm/o8ENjwtz/VrRRnw==
.rubiconproject.com/	1970-01-20 19:30:58	Name: khaos Value: LFXGNZW1-1G-EVW1
.rubiconproject.com/	1970-01-20 19:30:58	Name: audit Value: 1\|hLZGFuTafB1yhM90QdCngZHNGL+qfTatXX/yiME3/MJOa4sXMgO0bqZ8VtiwCBr5SWeAnbRnQspymPvo8pleP5+EAUBqaY/BDlC2QeoPxdw=
.sharemods.com/	1970-01-20 20:06:58	Name: cto_bidid Value: TqXhDF80U2dVdTk1MHdQJTJCUDZYbmxZV0N5MmNaclBxM211QUpTV0l4dmZRNUU0YkxGa1pEJTJCd0dRS24wZ1VxZTFMWGtmMk5lOE1rb1JHTXVoektrUkJlU2NUeG9RSGVtclA0VmM3NjQ2UWlxTkdyR29zZ0tDZHMyVDA2ellRUCUyQmpFem1KUA
.criteo.com/	1970-01-20 20:06:58	Name: uid Value: e6f137f6-0cf4-402a-be5f-0366a8e5a0fe
.sharemods.com/	1970-01-20 20:06:58	Name: __gads Value: ID=758f2039d4a63bbd:T=1680322558:S=ALNI_MZf4tHDFJ82pv3w5kfDoJOaOLlwgw
.sharemods.com/	1970-01-20 20:06:58	Name: __gpi Value: UID=00000bcf12acb52e:T=1680322558:RT=1680322558:S=ALNI_MbLBz3xTOGx2zmcSn6MTIdBBYiftw
.sharemods.com/	1970-01-20 20:06:58	Name: cto_bundle Value: zOSheV80U2dVdTk1MHdQJTJCUDZYbmxZV0N5MmZ5UXdkYjVTc1hsYllWZU0lMkJPcXI1UVI4QmUwdVQlMkZmaVlHQnJxTGczWDBmdFpyNUdWVVliWU1hRyUyQnRjTFNMbjNsaVJDMUxDOVhRRVlsNVpkdmQ1U3BaWVd1akdoSlVINXg5cUR5Zm41bTlWdmU4ckxQQ21NYkhQJTJGYUxnMU5GR1pBJTNEJTNE
.doubleclick.net/	1970-01-20 20:06:58	Name: IDE Value: AHWqTUnfUggLIxY0JB1RXkDCKx4NeTP8lqS2KMev5FUyUmn9lzhGjznH0cWLF93gloA
.bidswitch.net/	1970-01-20 19:30:58	Name: c Value: 1680322559
.bidswitch.net/	1970-01-20 19:30:58	Name: tuuid_lu Value: 1680322559
.sportradarserving.com/	1970-01-20 19:30:58	Name: c Value: 1680322559
.sportradarserving.com/	1970-01-20 19:30:58	Name: zuuid_lu Value: 1680322559
.sportradarserving.com/	1970-01-20 19:30:58	Name: zuuid Value: 72df54e3-2916-4a34-a385-03f4c82e8604
.bidswitch.net/	1970-01-20 19:30:58	Name: tuuid Value: 6e918618-bf76-4108-a909-b5248e6954b4
.sportradarserving.com/	1970-01-20 19:30:58	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 19:30:58	Name: zuuid_k_lu Value: 1680322559
.sportradarserving.com/	1970-01-20 19:30:58	Name: pvc2 Value: htrCVLLBN1lgCFYScU13jPiR_xm48zD54kL5nBrtx1xd5mg_TyUsCjDFAhXDH_2Qu82AP2qLkj09TTVGeBLC0e16x1jljGPlDEw-XLOXAweA0RF-iItVOol4Vb4AP8iEQcyGZ_biyiJnsdzap0gnGLopTLrh-hcDE-xiQiDP8RWSSRuLBMRFuo7qxVEKmOwK0u-R32V11mx4njIJe3PI4igIIqc_I8YjKaD3-IPO7Sp1MEbm_rJTlN3r7pHh4Yd_PVZ7Eg7Zk2vQA-AKf_lsCgyBR-D8kRbZvZCbUB-_duuHB32GeNC5lPKGrO804IwE-oMYeE9-g5hZ91QY-GgD_v7l6gy1puSexK2B83F0lPKhxjbMCaDEVeJ_pOkM9PAXXz3MxHav7L7Bm63VyQKtQJltHfaxPpZDoe8Aw95of-Q0D9jnTEzk9RdArJPcufIPOXyZzy6y9byrxafWCfYr7JttqpTP6vfIy_kG1ZVouXM05eoWNy8FygMxRtiEReyA9YjD5GvXB-BTOFuTrcWd5YLv_KtVliyKA5fTPFq5uGHtkwflppJ0yqlbgyIi7CyppZ_RGVS4sqBLKm4PrwxiTjQHwKGmL7qAO5cD5VhYGZTIOd9ZjgHCrYiiORqkCV2odkYX4Mf8dedeB_iFjJHm_HMqF6Oi_si4vLIhEiC_CyNg6qDDO0850_Qk0PdSrKmkHbT-o7y4IpZP_aEuAKR7fsMYiL22xCpavHkve1PrlQLsGLDjmx6mp7Xvnx3iM2-ACDfq6MdmWAudxfbLWZVJK_9RVYGA9FdVKHBbMPHQZOkxnDELfXlzdK_zQcdnr1VAZupSs6akLsq4lN0VAh4i5G_0gG1cWvAMUfj69Ev2VgXkhrpgMADUt7X65EPoRbEV1dQYLUY7vDSF24J7lSBYB63mLPnODhZ7cJ7KeNhtCO7PxgNK9FnXOjVjziolpSzvmooYh47zgDaEePmzD-WoaozmJkPhSEZuU_Do6X9gDXxMvNxYx1vCchvZUKmfLscBGLboYwVPXcoSEKdtILJAT_6AqNrMI311ibwQrwLuzUT5rnCHBExys4JPszIGpJ0I8xd3NC7INZ3a7iiho_ScP9wIriq8-BmotY5Qtgt5ecs-3AfmbCRiBlhIcCjdZ59syTQGc8xKsYow42ph1DxhcjebbMzHz0WjphfWJ8tfZT2Xi7Req94fkRX7klY,2i9zPqaHMmKDY3rZZfiSpw,gJi0fgoQa2AQAlojWKBI8w,YcTr4vbifBOGGsNh1PY0aw,gJi0fgoQa2AQAlojWKBI8w,pbDuBTS5JM7rl8KJvbiMfg,gJi0fgoQa2AQAlojWKBI8w,szBSpUzciG7g3sxVXKvDyA,gJi0fgoQa2AQAlojWKBI8w,6SNjJKLTaxKI7CrLn5hs8A,gJi0fgoQa2AQAlojWKBI8w,7VuXQr_pJxtwz54nMuY59Q,gJi0fgoQa2AQAlojWKBI8w,oc_TsUrlUfVgXoldeGMDqQ,gJi0fgoQa2AQAlojWKBI8w,-FozAePWnqd8j0YjXcL6pA,gJi0fgoQa2AQAlojWKBI8w,b-SEWzDBJjdgrlJGju2WRg,gJi0fgoQa2AQAlojWKBI8w,VhkJKVm9AUcjCEcB_z0KMA,gJi0fgoQa2AQAlojWKBI8w
.openx.net/	1970-01-20 19:30:58	Name: i Value: 186d45d3-1fdb-499c-8a45-233ddffc5a8f\|1680322559
.pubmatic.com/	1970-01-20 19:30:58	Name: KADUSERCOOKIE Value: 7D82FF0B-E476-4C91-8A18-3F0AFDECA3BF
.adform.net/	1970-01-20 11:28:34	Name: C Value: 1
.de17a.com/	1970-01-20 19:23:46	Name: guid Value: 1.5684008495220697895
match.sharethrough.com/	1970-01-20 10:55:27	Name: AWSALBCORS Value: tuw84DLGg8uGskhD6MA7Z/CA352DV6kVT0ULin0WT17dcJOa4vt4c4AC0wk5kaat6ch5NiOPa7GyamjLzPkOipX8t2iZrgqiZVIwsxsKKlxQdT2FuqIZexC1CAUk
.pubmatic.com/	1970-01-20 12:54:58	Name: KRTBCOOKIE_466 Value: 16530-6e918618-bf76-4108-a909-b5248e6954b4
.mathtag.com/	1970-01-20 20:11:17	Name: uuid Value: f1176427-b000-4900-a10a-105e5bbd44f6
.simpli.fi/	1970-01-20 19:32:24	Name: suid Value: 012140E56105484AA7449370AB1E5B9D
.pubmatic.com/	1970-01-20 12:54:58	Name: KRTBCOOKIE_27 Value: 16735-uid:f1176427-b000-4900-a10a-105e5bbd44f6&KRTB&16736-uid:f1176427-b000-4900-a10a-105e5bbd44f6&KRTB&23019-uid:f1176427-b000-4900-a10a-105e5bbd44f6&KRTB&23114-uid:f1176427-b000-4900-a10a-105e5bbd44f6
.adform.net/	1970-01-20 12:11:46	Name: uid Value: 5053906582621647486
.sharemods.com/	1970-01-20 10:45:22	Name: _gat_onn_tracker Value: 1
.pubmatic.com/	1970-01-20 12:54:58	Name: KRTBCOOKIE_80 Value: 22987-CAESECGWpk2gQdgfb-4li73Vveo&KRTB&16514-CAESECGWpk2gQdgfb-4li73Vveo&KRTB&23025-CAESECGWpk2gQdgfb-4li73Vveo&KRTB&23386-CAESECGWpk2gQdgfb-4li73Vveo
.pubmatic.com/	1970-01-20 11:28:34	Name: KRTBCOOKIE_336 Value: 5844-5684008495220697895
.pubmatic.com/	1970-01-20 11:28:34	Name: KRTBCOOKIE_391 Value: 22924-5053906582621647486&KRTB&23263-5053906582621647486
.adform.net/	1970-01-20 10:55:27	Name: TPC Value: 1680322560117
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: f8867e9487fb9002
.adnxs.com/	1970-01-20 12:54:58	Name: uuid2 Value: 1178593671962508712
.ads.pubmatic.com/	1970-01-20 10:46:48	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 12:54:58	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 10:46:48	Name: pi Value: 156191:4
.pubmatic.com/	1970-01-20 12:54:58	Name: SyncRTB3 Value: 1681516800%3A8_3_220_54_21_13_161_7_56_251%7C1681603200%3A35%7C1680912000%3A223
.linkedin.com/	1970-01-20 19:30:58	Name: bcookie Value: "v=2&ee084aff-2c6f-4917-863e-880c5e1fd8af"
.linkedin.com/	1970-01-20 15:04:34	Name: li_gc Value: MTswOzE2ODAzMjI1NjI7MjswMjHUtq79EvCkn0q/l2zsfj22ul5He/AycU60whPQn7/pdg==
.linkedin.com/	1970-01-20 10:46:48	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2494:u=1:x=1:i=1680322562:t=1680408962:v=2:sig=AQFhDPjBvI6uYSAxGcmqc7MPe6ZxmIoS"
.amazon-adsystem.com/	1970-01-20 20:21:22	Name: ad-privacy Value: 0
.as.ck-ie.com/	1970-01-20 10:55:27	Name: CID Value: 02783d4661409a90850bfee1aaa3f0645b432b0d
.pubmatic.com/	1970-01-20 12:54:58	Name: KRTBCOOKIE_57 Value: 22776-1178593671962508712&KRTB&23339-1178593671962508712
.quantserve.com/	1970-01-20 12:54:58	Name: d Value: ELsBCwHTKPijAA
.quantserve.com/	1970-01-20 20:15:36	Name: mc Value: 6427b002-b0640-61c1e-2bdc7
.yahoo.com/	1970-01-20 19:31:20	Name: A3 Value: d=AQABBAKwJ2QCEIQK69-DJ_JgwAhJEQB2u44FEgEBAQEBKWQxZAAAAAAA_eMAAA&S=AQAAAreXy2V7xKXE1pz5PymFQ9k
.pubmatic.com/	1970-01-20 12:54:58	Name: KRTBCOOKIE_153 Value: 1923-eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6&KRTB&19420-eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6&KRTB&22979-eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6&KRTB&23462-eQS0OS0AtjxiUrY4ewCrOH5Tt2tiAuRqLAfGzbg6
.pubmatic.com/	1970-01-20 11:28:34	Name: PugT Value: 1680322562
.amazon-adsystem.com/	1970-01-20 17:21:22	Name: ad-id Value: Az3FlbUdGUe6kFUPfb7rUiA
.analytics.yahoo.com/	1970-01-20 19:30:58	Name: IDSYNC Value: 18z8~2au4
.pubmatic.com/	1970-01-20 11:28:34	Name: SPugT Value: 1680322562
.casalemedia.com/	1970-01-20 19:30:58	Name: CMID Value: ZCewA2had9wYhgE3V7fsYAAA
.casalemedia.com/	1970-01-20 12:54:58	Name: CMPS Value: 5142
.casalemedia.com/	1970-01-20 12:54:58	Name: CMPRO Value: 5142
.adxpremium.services/	1970-01-20 12:54:58	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaQ2V3QTJoYWQ5d1loZ0UzVjdmc1lBQUFcdTAwMjY1MTQyIiwiZXhwaXJlcyI6IjIwMjMtMDQtMTVUMDY6MTY6MDMuNzc2NjIxNjM5KzAyOjAwIn0sInNtYXJ0eWFkcyI6eyJ1aWQiOiIzNDkyNzkxNTY1NmVlNjI3M2VlNzY4MzIzMzk3N2IwMzkyZGE4NTYzNTBiZjZkYmYyM2EyODMzZDMyYTMzYjg2IiwiZXhwaXJlcyI6IjIwMjMtMDQtMTVUMDY6MTY6MDIuODYxNTE1NzQ0KzAyOjAwIn19LCJiZGF5IjoiMjAyMy0wNC0wMVQwNjoxNjowMi44NjE1MTU0MjYrMDI6MDAifQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJpPpkt-yelGZPOZF06N3zU&google_cver=1 Message: Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3fbb2638b8924c5cacad8808a84c61ab.safeframe.googlesyndication.com
a.ad.gt
a.sportradarserving.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.fi
adxbid.info
ap.lijit.com
api.btloader.com
as.ck-ie.com
ats.rlcdn.com
aws-fr-sync.bidswitch.net
bcp.crwdcntrl.net
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c.bannerflow.net
c1.adform.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onnetwork.tv
cdn.prod.uidapi.com
cdnt.onnetwork.tv
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
cookieinfoscript.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
eb2.3lift.com
esp.rtbhouse.com
eu.sportradarserving.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
forworksyconus.com
ghent-aws-fr.bidswitch.net
google-bidout-d.openx.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
match.adsrvr.org
match.sharethrough.com
maxcdn.bootstrapcdn.com
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubads.g.doubleclick.net
px.ads.linkedin.com
rtb.adxpremium.services
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sharemods.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum.casalemedia.com
st.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
stpd.cloud
sync.mathtag.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
user-sync.adxpremium.services
vid.vidoomy.com
video.onnetwork.tv
vpaid.vidoomy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
simage4.pubmatic.com
104.109.78.125
104.26.8.178
108.138.1.25
108.138.4.150
130.211.23.194
135.125.163.79
142.250.185.98
142.91.159.92
143.204.89.24
147.75.85.234
159.89.25.223
162.19.138.117
172.217.18.6
172.67.73.233
178.250.1.11
178.250.1.9
178.32.200.56
18.156.40.75
18.66.97.9
185.106.140.18
185.184.8.90
185.255.84.150
185.29.132.245
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.89
185.80.39.216
185.83.142.19
185.86.138.122
198.148.27.133
198.148.27.139
198.47.127.20
213.155.156.182
216.52.2.86
23.35.236.188
23.35.236.201
23.67.137.210
2600:1f18:612b:4232:cba0:4e0e:1b37:264e
2600:9000:2250:8600:a:e047:752:b361
2602:803:c004:200::140
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:3031::6815:5dd2
2606:4700::6810:5814
2606:4700::6812:1f31
2606:4700::6812:bcf
2606:4700::6812:d32c
2606:4700:e2::ac40:840f
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:803::2004
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:6ea0:c700::11
2a02:6ea0:c700::17
2a02:fa8:8806:13::1460
2a05:d018:d29:3601:eb09:ecfd:dac6:f566
2a06:98c1:3121::3
3.122.65.81
3.123.60.58
3.124.62.252
3.211.25.228
3.67.31.64
3.71.149.231
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.190.39.111
35.204.74.118
35.71.131.137
37.157.4.39
37.157.6.235
37.157.6.246
37.157.6.253
5.135.105.236
51.89.9.254
52.18.27.55
52.46.151.131
67.220.228.200
69.173.144.138
69.173.144.165
76.223.111.18
8.2.110.113
87.98.236.115
008161c189e893c7422b3220bdcccd7ce8709a55fff6d6fa17dbc572040c6c9b
013aabe6a5fe6bff034c59ef1839ca770ebab2baa66c160efef5331229b98969
016d997dca8fd88c17580000bbd62925b0925f0e888245acdf83a238fef8f15c
0276c38bdce11b6761cc269e4ad45e261b186650699db6a481c7df95173d04e9
05446dec89a0469d29debd430cf07db33e81dbe9fc620e0d2205f22a81e19386
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
0913ffc67cfdfb69fb6db7be06be5445f92be9bdf5de322645778f1ab365f097
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
09c5f785dfe6d5dc51053557c8a9f51d0464f8d13a028aa6808b02fe248f3521
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d634380c0ecad3bef7b74f385f0f030f3049bb53dd8ed5cb872b7edd57b70e8
0f624b30f3395d217eaa2571be70f7ab961f9dda7e0ebd73417887886464663f
1001142d54c8f05d4af1e0386f0892f185c9a6a91686c8a844a46f0260dd3baa
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
137b7e16607cc0bb3b770b248c263e600e979c12150d221f4687b40f4f08b3e3
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759
1799f6ad6e4f1eb2f2df98fe33e271dbc6754079c578603eb94716b8c9659545
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dcb7dd04ba2c95d3763a52d6349263f3aa3f11f8a36866adc4e59fd65d68f43
1f5957d35a76f94ce9874e4cf3c446b1499b158a5dc064f72a13de4a074f4ae8
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20f72a687bab9acebcae8ab16c5916abf9c8e8aa1429173d48e697f4940214f4
216091a0608d0334cd2eaadadb46645f75dcfd314885e103f60b0f5b51200702
21c1e3378548c13aaea0882718015adc92c9b8a396aa8172fc097ba46989e782
22823302cb82d192855b9a834b6dedb26d10b121bba8e5e34f5c53b3ff91182b
22ad2128b1deb43013eed402a95a4f89c2e62822fbde21e1e073807678a048f4
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56
25370fe82dae8bae3881885339ccb49e13351e30f3dddf4085a9cd712e03e96c
257e82e113d318281d1afc2064e972811a73155e4ad6dd1513bb8ff75dc033d4
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29459501fa632bafc27ac66fb80d10c7275aca6ca01634365a620e19962f2ee0
2a25fe0743cd802ae1b35266a1ec1736e6ce2aae67b822ad2e8ac2832f7f5fdc
2b528567148a28f79ebc9f92eee7973be173857c6329020a007a8983c06c30fc
2eb7c8a9879ce9baeaa8e0fb049ef850d59b9885ccb47cfa5b63927f03ed32e4
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
32462362c004d284e60836aa8021459c4b44ddb59138aa8b90171a09b683458e
32b32f359fcd2390e58be51e389c58c6236bb2df83b4b981e9648fb9ed90b886
33971d482ae91584a3ba003f93c414ef027b16400187bff97b5df45de853e867
3835f7973691f07d83654d6d59cc5908ed4d6ad527f65685f65b110f67c9fbe2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
3fc0be460ee74b5c2ba429daec34048b06bb869085dd78f3d80e8da03596762c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818
40661a4f1d23c164d75023f2b9c8b8f767c2ed085e458cc99beb317aa4105dc3
4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a
427d2469e4fd39502812866a770914f6e9cf3090d93e84090d4908f58e83ee2d
43f7beebc22497f827ada6ee9c1f2e5b84264621a69bd47c9130709f3ce47f13
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b11306ab255ad6e7c8caa7a38f95779ff9bf509d855f60efbe440ce9d162627
4eead1a11f9e744413f227f47ffbb38f0d8ab89473511741ebb4aedec507fc5c
4ef1406e04cd0007b680fd5af2737e99d537f913b303671ca4a97f4c7a008bc0
4f03ad1bd4bedf3947d539b724f56d424450dbada87a62bdc6456ef14fa0d2d8
50a488a03d39e68d48aa62facdce0659612e09d6857b5ab20e968a44d1d849c1
5211a382edbdc5735bcef4a602013024eacec74802285bfe83e19f6b90a7b921
52592c8e3fa87fa00e7ad943311a53b2150c0ced47b3eface98148aa530fa6e0
5337d6c375e6696b884f8160c13d6d9901edc24556613410fe5f25da0e14d294
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ef3ff6a209964cf970979ff12878eb0f1d1a1a8cb29049bd6fa5836893c0e5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208
5c8fb9a9b29b8d0bd1d18932733df8b93d09ac87eda78b8e5c6f1aef17938e2d
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4
6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e
6fd34d0d8319b10b5091fe5deae678ef7a153b7392ac19cbed43a05244ab322a
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b70db5e11d6d18c8d830a5b8b00994e8442a94b248808d9ac6bcc725db7933
78ecff424e1454093c5ae95d69d65daa6a558fc90c8c67ae12e0f0947fd8daa1
7b23133f4d9d68606733450bb00c45eb13617399642f930bedfa59557032f7e8
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
825d66786fe05b260559198916dfa1c4eb211f8d12fc4a00f962bb1a1ef04c72
831f338d3b8d071bc5507cb8e5f0ad99e0a60d258b76e7d9cd0c14b60134490f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86664688e5edd120ed97630748a5ef616058efd0581bc873e7758d72cce1bc5f
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ee20b0a59b8ff59e7b7ef0ab572087dcd1acb8ddf3e8d9766b4179366a22c9a
8ff137bded249186aa62ccd3ff67d53e4c98492138f3ffc871323adc0ecc514d
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947
944d0653cabb6543b4035c991f74a3d94db23bac4b05f44e7bf42ab32835a386
96b6699e3a973ab510829695cb2d20e3b53134910e5e3d692140b4d42dd70be0
971ee47efa3517204e4cf69c23c891f00cb2da7e88fd3381e5b6e12ccbb113b3
98aa28c27ee6247372e211b32468d43ef0bfb19504ef9c9120756dd7d3f5c5e0
99c72628a2383f86fd495d26b26b7108eb6c97ac974c0d229a540c99be294ced
9a493c7b6b2c0149cd999f3d0509d7e3b4880a215a1a8bbcc7a6775aaf2b96c5
9b9da2c699e261cfbe0274b650d76cf0d816de1b920fabd870ee57e6895cec02
9d3408c434b8ef6e65da5e10bf340e78161fece1e14e41475527e07f9f4647bd
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884
a005fb453ccfa3f6b4b1a8a27422f715207023b71b6d5002f49994568d996d97
a047966d3c0ed05f72265927a8da060dd7ea679891268ce64ddb3c537bdc3e9e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1da28e800518ff1302a3a67c4e4876910229c52554291a25b280dcd01d42ea6
a49fdaae52d1d7c7c807e568eb85ddc874b207a267f077b28b4e1cc00918ac58
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a730b4b0b939fbacf960275cb2533e36e67d140638c478374a2de0142af1bd14
aaca8346c787d53e7cb3432737acabd1880cde83b7f78514f05b23363ecce971
aafbf96070bb2b725210130adc58aefcbf4449165b24154975d2f5ab3bfa4fa4
acc10075f8a131d9d211392f34ae81cdaabe8f778ed9d1da3953d713584a20d2
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6939b3c7a94b19614b70cb0ce5811461804e0f96389441ca8d35b01983abb58
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8e506fe7b909cda38ab34dc7806d8bdc969a6e848703ce607e9240f99970483
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586
c00fd1fce75f8aaf02c223b7140caf4b537e7c5660c7bba78a63d799baaf5cbb
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3a6a2975a447b91f04a8417a85ccace2f1ff9c93703f92df1800979cb7a4830
c3eefd5595d59072bfa4e2fe0f26df33c1013b7eeb3f1176c0b411b14c14f8df
c6fe8a139e17a9d1dd0e0991793852891da0a912a87cf78f23186e2edfd4b0ad
c73a963bb19a3a2029c43c1f083559b4f64616ae2b2ba25a37203189f6ef4e1b
c79dc0e8997251328e5a193eeb716c6eebc4e6e3a19f70e5f35c49fa3c94adc6
c9c5ec4817f539b9a78ce1033f0a3bb2e7be2ca4efbaf5f4b8d27c05c66008d5
ca3eb200a2e7e5fade3e2165d9a23cdf9bf400a40a7c40681aa7598f86b2ec93
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cdd297e5776f28ee5b5a48f5f839bfb108c0fc008e43829f8d0f0986f9632273
cde08c04d2dfe9d4f956464bcd30c28be9c1b73e29922ad190a54094dc3627ef
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
cf20da05e001783a309414cbdf571871bc8ede3ec9af0c06999b00af7df4053b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d040ca5b4ddfc7d518c8845a34dd6ae312bbc6221767fdd76738e3a9e2c88cf5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e4c69c9b40671c663c0ba214736491997983b015a02ba76ee8650668e5c406
d0edf1927135c047b8d8ebbe9f7b3cc8259b3dd8dbcd9ecb859a4cca51bd99ed
d174b44385b81158573717412867bdde8c1641dbb83e086f7794aa3789e023aa
d1ab33562ad429a3c309b81313bbdebc4b4ff7c769b43b328c16965da50ef28b
d2b38ebcfbee4ba2131fec10762b0a92ccb03c8d3d220c9eda249e9e1708888f
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d76b2cfa829493369c8998a7188d559c5fdf7a04d1420f846db44da566e85e09
d839b841c67d8432f1b57fb2b269880d348c354b70a6064a397334f065a108ec
d857fbeb138f0667baef8eda750d1afb7186b6661c287f65a0b59c26acc1c056
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463
dbf11abca74e22acc16d6f72cb672a2abaa57cf0c32700ec02ebbec1129d9a3c
dce3f3efa10a5029a5d3d94edc4146ffa17bdc14bbc706bc6bbdd6dcba3c7fbe
dd03b15a44f07b09f3f42aa942f118b96358404524ed9de78d1a36e992dc5701
dd39f3e498ab80f5f15e6d73a95de93e86db5a074748adf31afd850128640f14
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
df15e63ad5ce4b1384a4625f4c6797a30e4d74dadd0ffc8346cb85d94d8e73bc
e160ac8bc2e74f2eb3835677318da6c6b1bd0b678b41b183555a0f08f3b473c4
e31eb2170adca02942c01217c37a49a84887f4703f7bc7ebbf64f1d60326822c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e473769e129230a0e1c00bd3938489769c24d0ce4783f627421dfa5a38e6829f
e52d55741e1de8af5ee31084ae7dfe53b1ee4148ccfae0fcccfe67affdd40773
e7dfe0ab6f09b2b9903d76f2c8e7a7cb6ab19ca90defc5c7bb44f270a3671625
e907b3ec059aab3da287d45e3829f8a8b5ac487dc064d2d0496f711c6dadee08
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ea7f035b47da981f01e9f8291473c0aa416f7d24ee8f530b7d702e8545f3c3bf
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
ecbf6d6656265f18d769dd41ba02f631a3be0a8a1fb446ce7ab0949bae8eaee2
ee627640d99d0061c431a7eb0cf6523c6fda4148a5aeaab5c14400c1b74d8723
eeb373b5b3860b665126c5b1e9c6654868aec3d4bd993bb7b09ff4b158e149ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17a6c7a61593005b4d3f273d3728c956bf8f711bc5acc4205c8350ccb19d102
f2109553ad3bfed82dd98c75faa941072d7ba84647bb6156dc5f8586e4f3652d
f404a2e555dfdf4b8abd0680b75f19b7479e19aa0ec0c7f75cab5860680ba2f7
f5b03be2d5c0a5e20b82f882fb852f42700e9a80dc732835172217ab2643b2b3
f64df84e5c8da743bd56b80f7cdf4a57e4db038d956599772a1aebd8809e3a39
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f
fe329b568b00b8b2526c83653449fc8ee68dc115bc8640e32df8c052e323a028
ff2ae6650c1218c3a28c967120661bfa3f79ca48b283cf86ac625a95f5cde65d
ffbfb8cd84ca1d7f023db4a5680fc2a20f4500c8929d5aca864bb37d9773d7df

sharemods.com Open in urlscan Pro 172.67.73.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

323 Requests

90 %HTTPS

37 %IPv6

66 Domains

110 Subdomains

93 IPs

12 Countries

4155 kBTransfer

9421 kBSize

65 Cookies

1 Outgoing links

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sharemods.com Open in urlscan Pro
172.67.73.233 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

90 %
HTTPS

37 %
IPv6

66
Domains

110
Subdomains

93
IPs

12
Countries

4155 kB
Transfer

9421 kB
Size

65
Cookies

323 HTTP transactions
7 data transactions