urlscan.io logo urlscan.io
SecurityTrails logo

admin.s21.lol Open in urlscan Pro
141.11.184.118  Public Scan

Go To Rescan Add Verdict Report
URL: https://admin.s21.lol/
Submission: On January 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 121 IPs in 7 countries across 100 domains to perform 410 HTTP transactions. The main IP is 141.11.184.118, located in Amsterdam, Netherlands and belongs to NFORCE, NL. The main domain is admin.s21.lol.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.
This is the only time admin.s21.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 141.11.184.118 43350 (NFORCE)
5 2600:141b:1c0... 20940 (AKAMAI-ASN1)
63 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 18.164.101.60 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:247... 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 146.75.28.157 54113 (FASTLY)
1 34.231.207.29 14618 (AMAZON-AES)
2 104.244.42.133 13414 (TWITTER)
2 104.244.42.131 13414 (TWITTER)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 13.225.63.113 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
1 18.164.115.222 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.116.18 16509 (AMAZON-02)
4 8 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 75.2.104.6 16509 (AMAZON-02)
2 99.83.154.140 16509 (AMAZON-02)
2 57.128.96.93 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 20.114.189.70 8075 (MICROSOFT...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.173.132.10 16509 (AMAZON-02)
1 54.230.163.113 16509 (AMAZON-02)
13 2607:f8b0:400... 15169 (GOOGLE)
1 3 2620:116:800b... 14618 (AMAZON-AES)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
1 2 35.244.193.51 396982 (GOOGLE-CL...)
3 74.119.119.139 19750 (AS-CRITEO)
3 162.19.138.119 16276 (OVH)
1 34.225.182.250 14618 (AMAZON-AES)
1 2 35.169.211.189 14618 (AMAZON-AES)
5 6 35.71.131.137 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 104.36.115.111 62713 (AS-PUBMATIC)
5 35.186.253.211 15169 (GOOGLE)
5 52.202.239.95 14618 (AMAZON-AES)
5 2602:803:c002... 26667 (RUBICONPR...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
2 14 104.18.36.155 13335 (CLOUDFLAR...)
5 2620:100:a001... 19750 (AS-CRITEO)
5 14 68.67.181.211 29990 (ASN-APPNEX)
5 63.251.86.50 10913 (INTERNAP-BLK)
5 35.211.156.215 19527 (GOOGLE-2)
1 2600:9000:21d... 16509 (AMAZON-02)
2 18.238.64.130 16509 (AMAZON-02)
5 108.138.126.121 16509 (AMAZON-02)
3 145.40.89.32 54825 (PACKET)
10 35.241.34.106 396982 (GOOGLE-CL...)
2 44.228.12.48 16509 (AMAZON-02)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.65.230 15169 (GOOGLE)
1 13.35.93.37 16509 (AMAZON-02)
1 23.7.29.146 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 2600:1f18:730... 14618 (AMAZON-AES)
2 3.220.30.119 14618 (AMAZON-AES)
2 162.19.138.82 16276 (OVH)
9 2607:f8b0:400... 15169 (GOOGLE)
1 13.32.151.21 16509 (AMAZON-02)
12 2001:4860:480... 15169 (GOOGLE)
9 86.109.7.56 54825 (PACKET)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2 20.110.205.119 8075 (MICROSOFT...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 44.205.136.188 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 8 34.98.64.218 396982 (GOOGLE-CL...)
2 23.56.163.106 16625 (AKAMAI-AS)
2 23.56.163.14 16625 (AKAMAI-AS)
1 23.56.162.249 16625 (AKAMAI-AS)
3 12 35.71.139.29 16509 (AMAZON-02)
6 7 35.211.178.172 19527 (GOOGLE-2)
12 16 142.250.65.162 15169 (GOOGLE)
4 5 34.200.65.202 14618 (AMAZON-AES)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 2 107.178.254.65 15169 (GOOGLE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
2 3 151.101.66.49 54113 (FASTLY)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
3 8 52.46.128.147 16509 (AMAZON-02)
2 2 185.167.164.39 198622 (ADFORM)
2 2 74.119.119.150 19750 (AS-CRITEO)
1 104.36.115.113 62713 (AS-PUBMATIC)
3 3 54.85.14.136 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 108.138.106.17 ()
2 2 199.38.167.130 54312 (ROCKETFUEL)
2 2 34.171.234.26 396982 (GOOGLE-CL...)
1 1 23.83.76.69 395954 (LEASEWEB-...)
3 3 207.198.113.93 13768 (COGECO-PEER1)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
4 4 2606:ae80:145... 25751 (VALUECLICK)
13 18 69.173.151.100 26667 (RUBICONPR...)
2 2 173.231.178.82 32475 (SINGLEHOP...)
2 22 8.28.7.83 62713 (AS-PUBMATIC)
8 8 52.6.152.202 14618 (AMAZON-AES)
1 1 2603:c020:400... ()
1 1 198.148.27.131 ()
1 1 23.105.12.120 ()
1 169.197.150.7 398989 (DEEPINTENT)
2 2 52.4.159.125 14618 (AMAZON-AES)
2 2 54.160.64.36 14618 (AMAZON-AES)
1 1 54.204.112.220 14618 (AMAZON-AES)
1 2 54.211.17.237 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.182.194 15169 (GOOGLE)
1 40.76.134.238 8075 (MICROSOFT...)
2 162.248.18.34 62713 (AS-PUBMATIC)
1 1 54.157.70.26 14618 (AMAZON-AES)
1 50.16.139.245 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 52.95.125.22 ()
1 1 2600:9000:251... ()
1 1 2600:9000:251... ()
1 18.164.96.92 ()
1 23.40.179.147 ()
1 63.251.86.49 ()
1 54.156.118.43 ()
1 147.75.195.77 ()
410 121
6    141.11.184.118 (Amsterdam, Netherlands)

ASN43350 (NFORCE, NL)
admin.s21.lol
5    2600:141b:1c00:1296::268b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
63    2606:4700:20::681a:b61 (United States)

ASN13335 (CLOUDFLARENET, US)
foreignpolicy.com
www.foreignpolicy.com
4    2607:f8b0:4006:809::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:e2::ac40:8e06 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net
cdn.parsely.com
1    2607:f8b0:4006:80b::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2607:f8b0:4006:823::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:247b:9200:6:eea:300:93a1 (United States)

ASN16509 (AMAZON-02, US)
lngtd.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    34.231.207.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-207-29.compute-1.amazonaws.com
srv-2024-01-17-14.pixel.parsely.com
2    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tinypass.com
id.tinypass.com
4    2607:f8b0:4006:821::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
s.lngtdv.com
1    2600:141b:1c00:8::1728:b316 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    13.225.63.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-113.ewr53.r.cloudfront.net
ak.sail-horizon.com
2    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
experiences.mrf.io
5    2607:f8b0:4006:816::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    18.164.115.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-222.jfk50.r.cloudfront.net
cdn.amplitude.com
1    2607:f8b0:4006:81d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
5    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.164.116.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-18.jfk50.r.cloudfront.net
floors.lngtd.com
8    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    75.2.104.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: a710cf531d4cd2506.awsglobalaccelerator.com
api.sail-track.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
2    57.128.96.93 (Paris, France)

ASN16276 (OVH, FR)
PTR: haproxy05.cl11.ovh.mrf.io
events.newsroom.bi
1    2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
4    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4006:806::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.173.132.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-10.jfk52.r.cloudfront.net
config.aps.amazon-adsystem.com
1    54.230.163.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-113.ewr53.r.cloudfront.net
client.aps.amazon-adsystem.com
13    2607:f8b0:4006:81e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    34.225.182.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-182-250.compute-1.amazonaws.com
idx.liadm.com
2    35.169.211.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-211-189.compute-1.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
6    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
longitudeads-com.videoplayerhub.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
5    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    52.202.239.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-239-95.compute-1.amazonaws.com
tlx.3lift.com
5    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
14    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
dsum.casalemedia.com
5    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
14    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
5    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
5    35.211.156.215 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 215.156.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    2600:9000:21dd:8200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    18.238.64.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-64-130.jfk52.r.cloudfront.net
c.amazon-adsystem.com
5    108.138.126.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-126-121.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
3    145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
10    35.241.34.106 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 106.34.241.35.bc.googleusercontent.com
c.4dex.io
2    44.228.12.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-12-48.us-west-2.compute.amazonaws.com
api2.amplitude.com
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.65.230 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
ad.doubleclick.net
1    13.35.93.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-37.jfk50.r.cloudfront.net
ats.rlcdn.com
1    23.7.29.146 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-29-146.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2600:1f18:730:b120:d04c:f745:6075:4698 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
2    3.220.30.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-30-119.compute-1.amazonaws.com
rp4.liadm.com
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
9    2607:f8b0:4006:81d::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    13.32.151.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-21.iad66.r.cloudfront.net
geo.privacymanager.io
12    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
it.lngtd.com
9    86.109.7.56 (Ashburn, United States)

ASN54825 (PACKET, US)
stats-collector.cxense.com
3    2607:f8b0:4006:80f::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
6    2607:f8b0:4006:80c::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:24f1:dc00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    44.205.136.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-136-188.compute-1.amazonaws.com
ping.chartbeat.net
1    2606:4700::6812:eff8 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
addkt-d.openx.net
us-u.openx.net
2    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    23.56.163.14 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-14.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.56.162.249 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-249.deploy.static.akamaitechnologies.com
acdn.adnxs.com
12    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
7    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
16    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
cm.g.doubleclick.net
5    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    2600:1f18:4e9:5a02:bfa:a46e:1266:8631 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
8    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    54.85.14.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-14-136.compute-1.amazonaws.com
i.liadm.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    108.138.106.17 (None, )

ASN- ()
live.rezync.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
1    23.83.76.69 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
3    207.198.113.93 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    2606:ae80:1450:15::1690 (United States)

ASN25751 (VALUECLICK, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
18    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    173.231.178.82 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
22    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
8    52.6.152.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-152-202.compute-1.amazonaws.com
match.prod.bidr.io
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (None, )

ASN- ()
sync.technoratimedia.com
1    198.148.27.131 (None, )

ASN- ()
bh.contextweb.com
1    23.105.12.120 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    52.4.159.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-159-125.compute-1.amazonaws.com
t.pswec.com
2    54.160.64.36 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-64-36.compute-1.amazonaws.com
pm.w55c.net
1    54.204.112.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-112-220.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    54.211.17.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-17-237.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.182.194 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 194.182.214.35.bc.googleusercontent.com
csync.loopme.me
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    54.157.70.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-70-26.compute-1.amazonaws.com
sync.ipredictive.com
1    50.16.139.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-139-245.compute-1.amazonaws.com
rtb.adentifi.com
2    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    52.95.125.22 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    2600:9000:2512:b200:1a:5235:f980:93a1 (None, )

ASN- ()
live.primis.tech
1    2600:9000:2510:4200:1b:6b7d:2300:93a1 (None, )

ASN- ()
sync.intentiq.com
1    18.164.96.92 (None, )

ASN- ()
sync1.intentiq.com
1    23.40.179.147 (None, )

ASN- ()
hb.yahoo.net
1    63.251.86.49 (None, )

ASN- ()
ce.lijit.com
1    54.156.118.43 (None, )

ASN- ()
match.sharethrough.com
1    147.75.195.77 (None, )

ASN- ()
prebid.a-mo.net
Apex Domain
Subdomains		 Transfer
63 foreignpolicy.com
foreignpolicy.com — Cisco Umbrella Rank: 153872
www.foreignpolicy.com — Cisco Umbrella Rank: 441094
9 MB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
248 KB
32 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image2.pubmatic.com — Cisco Umbrella Rank: 912
image4.pubmatic.com — Cisco Umbrella Rank: 1237
simage4.pubmatic.com
34 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
29 KB
18 amazon-adsystem.com
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 12353
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com
74 KB
17 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
8 KB
17 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
c.4dex.io — Cisco Umbrella Rank: 5844
26 KB
17 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5068
p1cluster.cxense.com — Cisco Umbrella Rank: 9714
comcluster.cxense.com — Cisco Umbrella Rank: 4535
id.cxense.com — Cisco Umbrella Rank: 10570
stats-collector.cxense.com — Cisco Umbrella Rank: 56265
88 KB
15 googlesyndication.com
c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
813 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
29 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
r.casalemedia.com — Cisco Umbrella Rank: 1743
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
7 KB
14 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
11 KB
14 lngtd.com
lngtd.com — Cisco Umbrella Rank: 15970
floors.lngtd.com — Cisco Umbrella Rank: 24995
it.lngtd.com — Cisco Umbrella Rank: 17224
2 KB
13 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
addkt-d.openx.net — Cisco Umbrella Rank: 58887
us-u.openx.net — Cisco Umbrella Rank: 524
3 KB
12 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1225
x.bidswitch.net — Cisco Umbrella Rank: 373
5 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
4 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
4 KB
9 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
www.linkedin.com — Cisco Umbrella Rank: 632
px4.ads.linkedin.com — Cisco Umbrella Rank: 6550
6 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
t.clarity.ms — Cisco Umbrella Rank: 6984
c.clarity.ms — Cisco Umbrella Rank: 1351
29 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
4 KB
8 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2032
rp.liadm.com — Cisco Umbrella Rank: 1497 Failed
rp4.liadm.com — Cisco Umbrella Rank: 7027
i.liadm.com — Cisco Umbrella Rank: 550
3 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
3 KB
6 s21.lol
admin.s21.lol
154 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
445 KB
4 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
cdn.id5-sync.com — Cisco Umbrella Rank: 857
31 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
c.bing.com — Cisco Umbrella Rank: 247
16 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
362 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
856 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
d.turn.com — Cisco Umbrella Rank: 1381
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
185 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 4345
id.rlcdn.com — Cisco Umbrella Rank: 738
36 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
3 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2634
api2.amplitude.com — Cisco Umbrella Rank: 1350
18 KB
3 tinypass.com
cdn.tinypass.com — Cisco Umbrella Rank: 6134
id.tinypass.com — Cisco Umbrella Rank: 15009
buy.tinypass.com — Cisco Umbrella Rank: 6622
116 KB
2 intentiq.com
sync.intentiq.com
sync1.intentiq.com
2 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
992 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4970
967 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1604
841 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 4204
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
1011 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com
880 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
2 KB
2 rezync.com
live.rezync.com
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 790
827 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
62 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
545 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463
123 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
19 KB
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2323
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
1 KB
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1517
597 B
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7316
2 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3406
332 B
2 sail-track.com
api.sail-track.com — Cisco Umbrella Rank: 8743
348 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
12 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9261
experiences.mrf.io — Cisco Umbrella Rank: 10063
47 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
93 KB
2 lngtdv.com
s.lngtdv.com — Cisco Umbrella Rank: 26904
215 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
818 B
2 t.co
t.co — Cisco Umbrella Rank: 656
471 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2723
pixel.wp.com — Cisco Umbrella Rank: 2679
3 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3040
srv-2024-01-17-14.pixel.parsely.com
18 KB
1 a-mo.net
prebid.a-mo.net
451 B
1 sharethrough.com
match.sharethrough.com
280 B
1 yahoo.net
hb.yahoo.net
651 B
1 primis.tech
live.primis.tech
555 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
287 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
554 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
220 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
553 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
1 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
339 B
1 contextweb.com
bh.contextweb.com
961 B
1 technoratimedia.com
sync.technoratimedia.com
4 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1396
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1685
15 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1860
609 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1345
634 B
1 videoplayerhub.com
longitudeads-com.videoplayerhub.com — Cisco Umbrella Rank: 34821
467 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5593
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3585
33 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 783
16 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 745
15 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
7 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
30 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7784
3 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
410 100
Domain Requested by
62 foreignpolicy.com admin.s21.lol
foreignpolicy.com
ajax.googleapis.com
c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
16 cm.g.doubleclick.net 12 redirects addkt-d.openx.net
eb2.3lift.com
14 simage2.pubmatic.com 2 redirects ads.pubmatic.com
14 ib.adnxs.com 5 redirects s.lngtdv.com
eb2.3lift.com
acdn.adnxs.com
13 securepubads.g.doubleclick.net s.lngtdv.com
securepubads.g.doubleclick.net
c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
admin.s21.lol
www.googletagservices.com
12 pixel.rubiconproject.com 8 redirects
12 eb2.3lift.com 3 redirects s.lngtdv.com
eb2.3lift.com
ads.pubmatic.com
12 it.lngtd.com s.lngtdv.com
10 c.4dex.io s.lngtdv.com
9 stats-collector.cxense.com cdn.cxense.com
8 image2.pubmatic.com ads.pubmatic.com
8 match.prod.bidr.io 8 redirects
8 s.amazon-adsystem.com 3 redirects addkt-d.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
7 x.bidswitch.net 6 redirects
7 tpc.googlesyndication.com c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
admin.s21.lol
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 px.ads.linkedin.com 3 redirects snap.licdn.com
addkt-d.openx.net
eb2.3lift.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 us-u.openx.net 1 redirects addkt-d.openx.net
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 match.adsrvr.org 5 redirects s.lngtdv.com
6 www.google.com admin.s21.lol
www.gstatic.com
tpc.googlesyndication.com
6 admin.s21.lol admin.s21.lol
static.cloudflareinsights.com
5 ups.analytics.yahoo.com 4 redirects addkt-d.openx.net
5 aax.amazon-adsystem.com client.aps.amazon-adsystem.com
5 grid.bidswitch.net s.lngtdv.com
5 ap.lijit.com s.lngtdv.com
5 bidder.criteo.com s.lngtdv.com
5 htlb.casalemedia.com s.lngtdv.com
5 mp.4dex.io s.lngtdv.com
5 fastlane.rubiconproject.com s.lngtdv.com
5 tlx.3lift.com s.lngtdv.com
5 rtb.openx.net s.lngtdv.com
5 hbopenbid.pubmatic.com s.lngtdv.com
5 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
admin.s21.lol
5 cdn.cxense.com admin.s21.lol
cdn.tinypass.com
cdn.cxense.com
4 pixel.tapad.com 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 pr-bh.ybp.yahoo.com 2 redirects addkt-d.openx.net
ads.pubmatic.com
4 gum.criteo.com 2 redirects static.criteo.net
4 t.clarity.ms www.clarity.ms
4 analytics.google.com www.googletagmanager.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.googletagmanager.com admin.s21.lol
www.googletagmanager.com
www.google-analytics.com
3 pixel-sync.sitescout.com 3 redirects
3 i.liadm.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.googletagservices.com c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
admin.s21.lol
3 id5-sync.com s.lngtdv.com
cdn.id5-sync.com
3 mug.criteo.com admin.s21.lol
3 www.clarity.ms admin.s21.lol
www.clarity.ms
bat.bing.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
admin.s21.lol
2 creativecdn.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 t.pswec.com 2 redirects
2 cm.adgrx.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 dis.criteo.com 2 redirects
2 c1.adform.net 2 redirects
2 ad.turn.com 2 redirects
2 pippio.com 1 redirects ssum-sec.casalemedia.com
2 id.rlcdn.com 2 redirects
2 ads.pubmatic.com s.lngtdv.com
ads.pubmatic.com
2 eus.rubiconproject.com s.lngtdv.com
eus.rubiconproject.com
2 addkt-d.openx.net 1 redirects s.lngtdv.com
2 static.criteo.net s.lngtdv.com
static.criteo.net
2 c.clarity.ms 1 redirects
2 c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 lb.eu-1-id5-sync.com s.lngtdv.com
cdn.id5-sync.com
2 rp4.liadm.com admin.s21.lol
2 rp.liadm.com s.lngtdv.com
2 ad-delivery.net admin.s21.lol
2 api2.amplitude.com cdn.amplitude.com
2 c.amazon-adsystem.com client.aps.amazon-adsystem.com
2 script.4dex.io s.lngtdv.com
script.4dex.io
2 cdn.confiant-integrations.net s.lngtdv.com
cdn.confiant-integrations.net
2 lexicon.33across.com 1 redirects admin.s21.lol
2 events.newsroom.bi sdk.mrf.io
2 api.sail-personalize.com ak.sail-horizon.com
2 api.sail-track.com ak.sail-horizon.com
2 cdn.jsdelivr.net www.googletagmanager.com
s.lngtdv.com
2 connect.facebook.net admin.s21.lol
connect.facebook.net
2 s.lngtdv.com lngtd.com
s.lngtdv.com
2 analytics.twitter.com admin.s21.lol
2 t.co admin.s21.lol
1 simage4.pubmatic.com ads.pubmatic.com
1 prebid.a-mo.net
1 match.sharethrough.com
1 ce.lijit.com
1 hb.yahoo.net
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com
1 rtb.adentifi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cms.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 sync.crwdcntrl.net 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 d.turn.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com s.lngtdv.com
1 js-sec.indexww.com s.lngtdv.com
1 buy.tinypass.com cdn.tinypass.com
1 ping.chartbeat.net
1 static.chartbeat.com admin.s21.lol
1 c.bing.com 1 redirects
1 experiences.mrf.io sdk.mrf.io
1 geo.privacymanager.io ats.rlcdn.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 pixel.quantserve.com admin.s21.lol
1 cdn.id5-sync.com admin.s21.lol
1 secure.cdn.fastclick.net admin.s21.lol
1 ats.rlcdn.com admin.s21.lol
1 ad.doubleclick.net admin.s21.lol
1 api.btloader.com longitudeads-com.videoplayerhub.com
1 p1cluster.cxense.com cdn.cxense.com
1 rules.quantcount.com secure.quantserve.com
1 btloader.com admin.s21.lol
1 longitudeads-com.videoplayerhub.com 1 redirects
1 id.crwdcntrl.net s.lngtdv.com
1 idx.liadm.com s.lngtdv.com
1 secure.quantserve.com s.lngtdv.com
1 client.aps.amazon-adsystem.com s.lngtdv.com
1 config.aps.amazon-adsystem.com s.lngtdv.com
1 fonts.gstatic.com www.google.com
1 www.facebook.com admin.s21.lol
1 c2.piano.io cdn.tinypass.com
1 id.tinypass.com cdn.tinypass.com
1 px4.ads.linkedin.com admin.s21.lol
1 www.linkedin.com 1 redirects
1 floors.lngtd.com s.lngtdv.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 cdn.amplitude.com cdn.jsdelivr.net
1 sdk.mrf.io admin.s21.lol
1 ak.sail-horizon.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 pixel.wp.com admin.s21.lol
1 www.foreignpolicy.com admin.s21.lol
1 cdn.tinypass.com foreignpolicy.com
1 srv-2024-01-17-14.pixel.parsely.com admin.s21.lol
1 static.ads-twitter.com admin.s21.lol
1 static.cloudflareinsights.com admin.s21.lol
1 stats.wp.com admin.s21.lol
1 lngtd.com admin.s21.lol
1 ajax.googleapis.com admin.s21.lol
1 cdn.parsely.com admin.s21.lol
1 www.npttech.com admin.s21.lol
0 ad.mrtnsvr.com Failed ads.pubmatic.com
410 171
Subject Issuer Validity Valid
admin.s21.lol
R3		 2024-01-17 -
2024-04-16		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
foreignpolicy.com
E1		 2024-01-12 -
2024-04-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
npttech.com
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.lngtd.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-17		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.pixel.parsely.com
R3		 2024-01-14 -
2024-04-13		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-04 -
2025-01-02		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
1542628117.rsc.cdn77.org
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-26 -
2024-01-24		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02		 2023-12-14 -
2025-01-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
api.sail-track.com
Amazon RSA 2048 M02		 2023-04-24 -
2024-05-22		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
ssl03.cert.cl11.k8s.mrf.io
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-12-20 -
2025-01-18		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2024-01-17 -
2024-04-16		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
it.lngtd.com
GTS CA 1D4		 2024-01-15 -
2024-04-14		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh

This page contains 37 frames:

Primary Page: https://admin.s21.lol/
Frame ID: 141F0828976698082807770BFA683F81
Requests: 272 HTTP requests in this frame

Frame: data://truncated
Frame ID: D294A26476A755C4F8C621F79646D1A7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNhYkiAAAAAEo_IrOgwgJPQt4LnKpiSPXhUHxZ&co=aHR0cHM6Ly9hZG1pbi5zMjEubG9sOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=krfq24itwltj
Frame ID: 6F561412FE08F5D468BC495F35A175D7
Requests: 5 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: E8C3084151FAD4F8FC5B5D55C42C484A
Requests: 4 HTTP requests in this frame

Frame: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1CB8A1B87DDE55E4CDE9B87C535250AE
Requests: 1 HTTP requests in this frame

Frame: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB1598AB11AE202422EE9791C8624EFE
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/gampad/adx?iu=/7971222/pixel_1x1&sz=1x1&c=136524624&tile=1
Frame ID: AD666B7FD888D418441F5B9F62DEC184
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDc46vlC8TdY003XFnOIjZ8NK3AQ_ShWBIHAZh-O-bLYGa5aBMAU2LCC67WHfUrHMOaNw5t8Qi_Exh2GTE3rlvU_Tm3fTrmL7sJXAa5gEWWPbKJ6aZ8w9zQs9anh8y_DvNZWtIEvgVudQg5gSM5guTRUf8luML8oa683mIL9YnbKk7zePHaA9GcTBMXe9agbO9EYSgK4WOLnT2kd_hjAgeCSecZeIHIJj1jqwfbDXqzPJeFjDRY06_zSTTqNNNZIw6Wi8w5_oCUgZR8Z-2Lp3te-4uvgQgHD9DQvqW0bI9MnEJF0zvDbakfRDGk5IafxCqC-jQIUC0SWHrrqT3XZJ8UxXlF8MRh1XGj2Ntyde7e1QjHA&sai=AMfl-YSp8WPrffjEyXH40MNeKbcoKlwBY45ASdPlltaej6AaeCJT2_OR6Iht24YuRXLffO9ItxKMRIBJq8qOx9hmAY40nn3KtDov02_VO-3z4Ydh_tnpKOf8Dt21Wd73yQ&sig=Cg0ArKJSzPqSdkjU-hU1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 77595A7447E33D74DE71DD478C06E8BE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8PvknWsagDZASMlEgrAuCTnPIZdEjZDdnwKm794lK4j4h8gK0gLVuz3gWwQMofY4QZ2htWMy39G8fybQOgzDXfwRqJv5Vd4aUJ6NL6bwHwrcCZ7bcPDIz2GYNnDsWjWSymugkYN_ucs-5posiRPUv3t44IlF9XVWOa1VBGNdsh8VKgZSJPZdEeJ43p0AGTuD3ayWJcIguA_7AA1qupAC1XXSovMKs1lszNv2CXTu-e_aIi69c4TjI6_laUPd8pmfJoVZz9yzhJQIAKOX1UnL6RdOm_sV-9D28Kl_rc56PX0u6vTuwERq_B1AfJEbnHo2UpiTJOhf7eI_h45bVXCXKN3dy14dKQAl10R2uil_HU_IVDw&sai=AMfl-YRf1W3cQPP9MPaOkq3ItuOpwqwbMPuczx-pL5sFEWoh9IgByPLqtCa9oXJScqKADCbfXyLsf4Ypha0FLAejMqyu4F13yZkwpocg6EHy2UdwrKfXar01eJlpkejmzrg&sig=Cg0ArKJSzMW_2rG61NQSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 2D778872D006ACA8857B619ACB1CEA90
Requests: 5 HTTP requests in this frame

Frame: https://experiences.mrf.io/passexperience/dw-check.html?v=6
Frame ID: 360EC05DEB1903AF9C4487634649F67C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C88EACE6FBAC13E0BF999EBE1ED0B1DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E567FD24525A566288A681DE1A6F2C5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=admin.s21.lol
Frame ID: F20D78EB30D549952D3B75433BA07DEF
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C276B2E70BB38F8A21FC9A9EF9C51CE9
Requests: 1 HTTP requests in this frame

Frame: https://addkt-d.openx.net/w/1.0/pd?cc=1
Frame ID: 2E99327FF9DA5AA8AB6168C2C309211F
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 289FD292E217F86580AA82DD1FA8D64A
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Frame ID: 2312080E84892198DE368DD990FD9372
Requests: 20 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 966441627396DB2AD32F7272DC3EB0A3
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 0329751D2106F4E36C5A108C8106AD93
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 41FF80987258A272FDD3FE3133EAD936
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A86775D2-3BBA-4AD4-84DC-BD63429E9315&redir=true&gdpr=0&gdpr_consent=
Frame ID: EF00132081263FE9BE2C90A92824B6A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=15bb5b50-b547-11ee-a8a7-513fb37e1806
Frame ID: 95B8D5A66F76571CE722934C08E3C194
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEUJU7LT9AAABLZ13GuhQ&gdpr=0&gdpr_consent=
Frame ID: 5E07CC56C437BCC3B7DDC3AB9277F93A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=280428771345290224&gdpr=0&gdpr_consent=
Frame ID: ED5B7F00891831764A0440B46821BA45
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 2FDA0887BDF2BC69B7A482EC83D2391D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 7230A9431E9A82D8C6A934BB61A94CDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1de3d188-5003-40b3-a1d5-bdd061ea67ba&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 327C75CABCBA4CC989603E98C6BBE54B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z
Frame ID: 545BC5512B587DBA41A5905F5495E50B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Y4hkYc3S1Rq7aI5&gdpr=0&gdpr_consent=
Frame ID: 42797DE165E4B948BA47277B946312EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
Frame ID: F6169938233EF2944EB0B1309EE8EAB6
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A86775D2-3BBA-4AD4-84DC-BD63429E9315
Frame ID: 3D84E0F75C2092E69EA64F894A8059BE
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 4B2FB765467450599CC30F661CD9BAB2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: AA9D7C09B3AF3471725B4D41E49E0593
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156005274791
Frame ID: 7E61A2430D1FB98AFFE17FCB4653A136
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B122A35C3C9E1C889A06A3692AB9B9ED
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU21cc52f003df4f959f7c44e479506b6b
Frame ID: 119224072B5E64FA14330E719E998B31
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: D9C73535583B437764159B6B7A4804F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Foreign Policy – the Global Magazine of News and IdeasForeign Policy MagazineSearch IconForeign Policy MagazineSearch IconSearch IconFP Insider logoForeign Policy Magazine

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

410
Requests

84 %
HTTPS

37 %
IPv6

100
Domains

171
Subdomains

121
IPs

7
Countries

12696 kB
Transfer

19510 kB
Size

203
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1614889%26time%3D1705502733568%26url%3Dhttps%253A%252F%252Fadmin.s21.lol%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQK8OjllY6REGgAAAY0X4nc0SopGkokwZR3UjMGif7kdiG3lZCNLed-7GzeN3L1m1tu4U5I
Request Chain 140
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=8.30.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=8.30.0&coppa=0&b=1&g=TgWIn7B2EFHTNYRLh9jVex3EwfW%2BHVxrYzwQn7GwOZE%3D
Request Chain 141
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fadmin.s21.lol%2F&domain=admin.s21.lol&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=GYWCaXx2OEtRRDBGY1d0Y0VpQXN6d01OTlB6Qk5qMHdwNjFVVEZhSWlkcWozVFdOY3ZDMzhqWkp0dGpRZGE5UkNzZnZWTm1tUm5WQjR0UENFSlJzd21Od2NNdW8yS0c0alpEUTMvY3VFaGo1OUw0bVc2bFRJYlhidVBxTEdNSERrUFZ4Sk5Oa1lEelpMc29KOTM0YStJT2xKamtma2VSZ016bGRsZFE3RzhxaTBWdTdPNjNvTXRxWVJaeVlQQVN5RXNGSWpUS1I2aFNVMWRtNTQxOHFaL2hJVldabEVVUlhoV3lyZ044c3AvenNweFhYNDVTQUFDam1qY21lN0FNbExuK0hxfA&cppv=2
Request Chain 146
  • https://longitudeads-com.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=longitudeads-com&upapi=true
Request Chain 233
  • https://rp.liadm.com/p?dtstmp=1705502735012&did=did-0041&se=e30&duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&pu=https%3A%2F%2Fadmin.s21.lol%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/p?se=e30&duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&dtstmp=1705502735012&did=did-0041&wpn=prebid&pu=https%3A%2F%2Fadmin.s21.lol%2F&i6=MjAwMTo1NTA6MWQwNToxOjoxMQ%3D%3D
Request Chain 234
  • https://rp.liadm.com/p?dtstmp=1705502735012&did=did-0041&pu=https%3A%2F%2Fadmin.s21.lol%2F&ae=eyJtZXNzYWdlIjoiIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiQWpheEZhaWxlZFxuICAgIGF0IHAgKGh0dHBzOi8vcy5sbmd0ZHYuY29tL3ByZWJpZC9mb3JlaWducG9saWN5L3ByZWJpZDguMzAuMC4xNzA1MDc1NTM5Lm1pbi5qczo0Njo1NzMzKVxuICAgIGF0IGUuZW1pdEVycm8uLi4iLCJmaWxlTmFtZSI6InVuZGVmaW5lZCJ9&wpn=prebid HTTP 302
  • https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiQWpheEZhaWxlZFxuICAgIGF0IHAgKGh0dHBzOi8vcy5sbmd0ZHYuY29tL3ByZWJpZC9mb3JlaWducG9saWN5L3ByZWJpZDguMzAuMC4xNzA1MDc1NTM5Lm1pbi5qczo0Njo1NzMzKVxuICAgIGF0IGUuZW1pdEVycm8uLi4iLCJmaWxlTmFtZSI6InVuZGVmaW5lZCJ9&dtstmp=1705502735012&did=did-0041&wpn=prebid&pu=https%3A%2F%2Fadmin.s21.lol%2F&i6=MjAwMTo1NTA6MWQwNToxOjoxMQ%3D%3D
Request Chain 280
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1AF66AAF8F464E71942D802222AEBAF7&RedC=c.clarity.ms&MXFR=0C52851340466D9F1C7C911A4446636A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1AF66AAF8F464E71942D802222AEBAF7&MUID=2B550B4690B3683404241F4F91AF69BF
Request Chain 302
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=s21.lol&sn=ChromeSyncframe&so=3&topUrl=admin.s21.lol&bundle=jofvMF8yYlUxdHNNMzFCeXNPSkM3ZWR2UjlHaFAlMkYlMkZKSHZCR1I1dTZDVlZVMVdNVWJCc1lReVJ1WUtQTU5Zb2Y0RHQ5NlN1d3NrbzYzeWdDYm84cGklMkZvNDN6TUlmRHEzVlQwWkQlMkZzSllLck5ZSThZJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=QTXs5Hx4YlZudFNHWjYvaVFobFpPanUyaitGYXVUcWxCRnBvaitkNlV3YXVQSVhkYjNLdE1sWU9ZUzg1Smx4ellHeFZaNWxURGFrNGNEamdaQTV5bjM3UFhWQUo2RGloTkVOSjlxT2ErdUowVHRIT1VubUtWVzlTRHVYcUFHWUpEN2NGYWYyVXptUm93Q1FXOE9Gd1l2VE9HRTFjSklMNmxDZEgvL0c3Y2N1Y2FIQ3AwczBaRHM5SGZCSm5BQjlZdW5QMGo5TkZ2WnZRL1dmZTA3Y1NmdWRiVlB1Yi9mWjFGSEczMmZ6QlgvdjhQYWdRNFVTMGJTaWk1SVZSdFJ0eUowL2Q1dENRQUlJYmtia0dnWlc3QllBc3VkMFNKa0VLdUNLNEpJeGxOSzhxS3JHYz18&cppv=2
Request Chain 319
  • https://addkt-d.openx.net/w/1.0/pd HTTP 302
  • https://addkt-d.openx.net/w/1.0/pd?cc=1
Request Chain 323
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 324
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=1de3d188-5003-40b3-a1d5-bdd061ea67ba&google_hm=MWRlM2QxODgtNTAwMy00MGIzLWExZDUtYmRkMDYxZWE2N2Jh HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMTUB1_4jsMSxu3wa0LitI0&google_cver=1&ssp=themediagrid&bsw_param=1de3d188-5003-40b3-a1d5-bdd061ea67ba
Request Chain 327
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 328
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=3ef9f5e6-fc55-05ae-3390-147f5fa5e1c3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=3ef9f5e6-fc55-05ae-3390-147f5fa5e1c3&verify=true
Request Chain 329
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=45fb0909-e978-0987-3fce-5586f19d7472 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokNDVmYjA5MDktZTk3OC0wOTg3LTNmY2UtNTU4NmYxOWQ3NDcyEAAaDQiU0J-tBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=94f23be42d2515cecd7a77d483690c33ba81caa75bdee39da519dae28f2318c3791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=94f23be42d2515cecd7a77d483690c33ba81caa75bdee39da519dae28f2318c3791426b5417dce21&rand=02541895
Request Chain 330
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5422553912594021682
Request Chain 331
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 332
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZafoFAAPMivl1ABH HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZafoFAAPMivl1ABH&_test=ZafoFAAPMivl1ABH
Request Chain 334
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=48eb0a12-3895-841d-a0b9-57e2a035de4a HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=48eb0a12-3895-841d-a0b9-57e2a035de4a&dcc=t
Request Chain 335
  • https://match.adsrvr.org/track/cmf/openx?oxid=103d766f-243f-3fe7-60b7-d575c80615aa&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=103d766f-243f-3fe7-60b7-d575c80615aa&gdpr=0&gdpr_consent=
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyG4ljB4vrSvG5Xkbp0iUE&google_cver=1
Request Chain 339
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1c95ae01-40fe-4041-9062-cd8934fc2a2e&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 340
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MjA3MTQzMzIzMDY4NTkwOTMx HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAVRZ2Air3PAPxPGQUU0wBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 342
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MjA3MTQzMzIzMDY4NTkwOTMx
Request Chain 344
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/225207143323068590931?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Oj_BWu1E2oS0Y2zWdj0ooz76fxjWyiaGAAWg035d_Q--~A&dongle=0883
Request Chain 345
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=225207143323068590931&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4336018554955098065&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1de3d188-5003-40b3-a1d5-bdd061ea67ba&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 346
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=91b365df-315a-4bb6-aafb-0089d1a60ff6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Request Chain 347
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=280428771345290224&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 350
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZafoFHJh0SIqlKG6IcEKLQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0stesGUj8suQ341K5_UhY&google_cver=1
Request Chain 351
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 352
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZafoFHJh0SIqlKG6IcEKLQAA%261692&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3722499249143144507 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f24dd1ce-25f3-41d9-856c-3859e35707c3 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=68c1c10d-9882-42f8-b979-b7bc5b638b6c%3A1705502741.02463&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D68c1c10d-9882-42f8-b979-b7bc5b638b6c%253A1705502741.02463%26pid%3D500040%26it%3D1%26iv%3D68c1c10d-9882-42f8-b979-b7bc5b638b6c%253A1705502741.02463%26_%3D1705502741.0275428&cb=1705502741.0275862 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377156005274791&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D68c1c10d-9882-42f8-b979-b7bc5b638b6c%253A1705502741.02463%26pid%3D500040%26it%3D1%26iv%3D68c1c10d-9882-42f8-b979-b7bc5b638b6c%253A1705502741.02463%26_%3D1705502741.0275428 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=68c1c10d-9882-42f8-b979-b7bc5b638b6c%3A1705502741.02463&pid=500040&it=1&iv=68c1c10d-9882-42f8-b979-b7bc5b638b6c%3A1705502741.02463&_=1705502741.0275428 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1705502741.0275428&iv=68c1c10d-9882-42f8-b979-b7bc5b638b6c:1705502741.02463
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELLBGAqyV-HgjZnJBpdq-Eo&google_cver=1
Request Chain 354
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=17DE507BB70C4FB898E3CA2D93F8F320
Request Chain 355
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4822173424027145722&gdpr=0&gdpr_consent=
Request Chain 356
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Db92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Db92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
Request Chain 357
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4e3250c2b4fe11e2&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGWnVnu6PP0gMMqU7zAAAAAAA&expiration=1705589140&is_secure=true
Request Chain 363
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=15bb5b50-b547-11ee-a8a7-513fb37e1806
Request Chain 364
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFTElrN0xUOUFBQUJNSXJUb3RLUQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAEUJU7LT9AAABLZ13GuhQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEUJU7LT9AAABLZ13GuhQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEUJU7LT9AAABLZ13GuhQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEUJU7LT9AAABLZ13GuhQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=4822173424027145722&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEUJU7LT9AAABLZ13GuhQ&gdpr=0&gdpr_consent=
Request Chain 365
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=280428771345290224&gdpr=0&gdpr_consent=
Request Chain 368
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=1de3d188-5003-40b3-a1d5-bdd061ea67ba HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=1de3d188-5003-40b3-a1d5-bdd061ea67ba HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=db2caf27-d121-40fd-b5cd-cfe91988f726&expires=3&user_group=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1de3d188-5003-40b3-a1d5-bdd061ea67ba&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 369
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z
Request Chain 370
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Y4hkYc3S1Rq7aI5&gdpr=0&gdpr_consent=
Request Chain 371
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
Request Chain 372
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=41692910-2d4d-4b79-9a49-4a5f450a4f42&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A86775D2-3BBA-4AD4-84DC-BD63429E9315
Request Chain 374
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 375
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156005274791
Request Chain 376
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 377
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU21cc52f003df4f959f7c44e479506b6b
Request Chain 378
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qGd10ju6StSE3L1jQp6TFQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 380
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A86775D2-3BBA-4AD4-84DC-BD63429E9315 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=A86775D2-3BBA-4AD4-84DC-BD63429E9315 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1f74a0b1-7e94-4c5c-a840-0b41e167d946%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=1f74a0b1-7e94-4c5c-a840-0b41e167d946%2C%2C
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTg2Nzc1RDItM0JCQS00QUQ0LTg0REMtQkQ2MzQyOUU5MzE1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPjeGY1oCaj-Q7teQTY-SJk&google_cver=1
Request Chain 385
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2456B774863A43B2958C9759FEA5475C
Request Chain 386
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mVkp5alE2uXvsPKrtMWW.By241PHNs8-~A&gdpr=0
Request Chain 389
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49c301ab-444e-46a5-99ca-981254395458&gdpr=0&gdpr_consent=
Request Chain 390
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=26a6cda8e160124e&is_secure=true&networkId=17100&version=1&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVl1NnQV8AN4WsepAAAAAAA&expiration=1705589140&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 392
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
Request Chain 393
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 394
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10F6F5627_2EC37B79&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 395
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=WmmfhunWtegk6uOaE88_5wdz5udIAFsZqwNX-zHGVZs&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Request Chain 397
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc4MWM5M2VhZjc2ZDM1MmZlM2RjMTY0OTEyNDk0OGE5NTA1MWUwZA
Request Chain 399
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=&expires=30
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDIPeBcGW741sJuwHSpNEsA&google_cver=1
Request Chain 401
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IYR0igaxTiG5a7BNr1jgsg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IYR0igaxTiG5a7BNr1jgsg
Request Chain 402
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v22zBjhlzcWQLuzEV-T8U8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qv0KCqhE2oK.97.gOH8.IrOr2KhWSGPmJqA5mg--~A
Request Chain 403
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRHWAKGY-1X-FPV7&ex=d-rubiconproject.com&status=ok
Request Chain 404
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJIV0FLR1ktMVgtRlBWNw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDeUL_oIdcHV7IwnASW7TeE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJIV0FLR1ktMVgtRlBWNw==&google_push=
Request Chain 405
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRHWAKGY-1X-FPV7
Request Chain 406
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUJU7LT9AAABLZ13GuhQ&expires=30
Request Chain 407
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRHWAKGY-1X-FPV7 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRHWAKGY-1X-FPV7 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRHWAKGY-1X-FPV7&ckls=true&ci=DW2B6kXHpv&nc=false&trid=405062117
Request Chain 408
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRHWAKGY-1X-FPV7&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRHWAKGY-1X-FPV7&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GM2M3THJKRTJ1RkFOOHBjZ1MyRXRkUDd1NDJvc0VrTH5B&ovsid=LRHWAKGY-1X-FPV7&dpid=58160
Request Chain 409
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRHWAKGY-1X-FPV7
Request Chain 410
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRHWAKGY-1X-FPV7
Request Chain 411
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRHWAKGY-1X-FPV7
Request Chain 412
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRHWAKGY-1X-FPV7

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
admin.s21.lol/ 		280 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.11.184.118 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
0f08820faf0bbdb2934b64faa0df1a5b8c27e6427fc4e395969833fbd30d174c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
115
cache-control
private, no-store
cf-cache-status
DYNAMIC
cf-ray
846f61e948411afd-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 14:45:31 GMT
expect-ct
max-age=86400, enforce
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://foreignpolicy.com/wp-json/>; rel="https://api.w.org/" <https://foreignpolicy.com/wp-json/wp/v2/pages/997852>; rel="alternate"; type="application/json" <http://atfp.co/1JCMpE7>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TzStw55vpYQm2uCFMNPRSo9uTACnyqFfdYP8tXIQMRBxmp7pC%2BjIHM3Er5SiSmnPKYwTcGEn%2FRTljXxOPSh1Os4nYe15ja04FfRJn5s7WgHvcKpRYfwDmxSr4vRpImEdGWj"}],"group":"cf-nel","max_age":604800}
server
nginx/1.24.0
x-cache
hit
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq
ams6 123 242 443
x-xss-protection
1; mode=block
ari-ci.js
cdn.cxense.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/ari-ci.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1296::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d151224cd7b00d5d33ca0bc892d7dfddb73b1c0f44ca903beec3de617d8b19ce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 13:04:15 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4655
Expires
Wed, 17 Jan 2024 15:45:32 GMT
tiempos--normal--600.woff2
admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/tiempos--normal--600.woff2
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.11.184.118 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
2bb3ba317e4f76df96fe27e65149bc7472ab3cd0cf174207c10aa78d0df54c0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.s21.lol/
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6145
x-cache
HIT
content-length
41900
x-xss-protection
1; mode=block
x-rq
ams6 123 243 443
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 19:32:47 GMT
server
nginx/1.24.0
etag
"65a6d9df-a3ac"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFdf1NzPKBcPyl2hkFsHz6xAhhdtfr7x5IfSS2dulLV8D56hwPloUqiurpr7QdYDfwcHX4Asap3OIh7XgLALRyIGopPBY7fSQVXCqObsrt2p%2FNW56u3nBV3AGutxHd9BRIP3"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61eb1a0966f0-AMS
solido--normal--400.woff2
admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/solido--normal--400.woff2
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.11.184.118 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
c20b8f39d0c0d0a73cd0d0f5b29b07c8d992df61c86dca3555efd9485544da46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.s21.lol/
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
16468
x-xss-protection
1; mode=block
x-rq
ams6 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
nginx/1.24.0
etag
"65a7e466-4054"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmE69DOR1bLBm02qdXiCoonwhQP6vBohC3kPK%2B12jioUqDWaXG4md4H2UZ1NpDBUV0Ca4PRZ%2BQTm2OxJhPyKHZ28aJyghV9F6qiHBgWF%2FJBXH9EsoAVNxU%2Bf8vANkhfPPSDP"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61eb08b80b38-AMS
tiempos--normal--400.woff2
admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/tiempos--normal--400.woff2
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.11.184.118 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
4320d39d1f102e220b19cbb1a2922f9d2955e7330e4d16028637d9fbfbe851b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.s21.lol/
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
56760
x-xss-protection
1; mode=block
x-rq
ams6 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
nginx/1.24.0
etag
"65a7e466-ddb8"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2F1%2BUyNz3Iy2kkyUl7dlQ2NbtrF3H%2B%2BbnuxObSqFxmX9FYJq4JwYLuLwfCWkCafZVLRTNxdAa7NzJpyQ8owCdD4TmnK28HPOmzMixFjtB4DPWZCP21Q3qJyOgFbF45Wrdiu7"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61eb0cc500b6-AMS
style.min.css
foreignpolicy.com/wp-includes/css/dist/block-library/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-includes/css/dist/block-library/style.min.css?m=1701905043g
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396991
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 06 Dec 2023 23:24:03 GMT
server
cloudflare
etag
W/"65710293-1add3"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtHq9DJB9AxjDm01g%2Bvu9JBSqx5HiE2dlMLKouGHQA5gpXOsqUV9dXmMjGUBvNo08Sc14Tr%2FM0iRJp3BTLGnjeZgT84UmDA94lSfww3iATJ4u2SbVrie0BI%2FfFsy58pqRxwOAbgPbKUdfj6Wh2go"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61eb48168df4-MIA
/
foreignpolicy.com/_static/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGpobGFoamBqYmAAARI8u2g==
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 06 Dec 2023 23:24:04 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrpuLlLlRNhT2ZxyvLV4oqjFpB4glEzvXbOKkjla2a0G88%2FkuuThVAbabR3vizz5Bfw4ipnQxIK2%2FwzHFWFozLmBLTWhiJEfyqC5kzQ%2FfvOfGhRZyZZwQz9FG3QPlJgmtHzAX3S0JU39b84jxQLA"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61eb48158df4-MIA
/
foreignpolicy.com/_static/ 		587 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdea8f714ea4a0b1937ec0c5cb23498f5441af8a619fb385db7e38e581fe6dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:59 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3a1Zxszt9%2Fqql67hIAbCeIH3TEv09g8BdmBgknZUxAeQ5pEp4TDif%2Fz7hQjW3J5yNT2ewCETRLu6pzVAuv95RIcKSDRYToslSSfqPEAn5Ue1BEkRr%2FgCzjBXjLpglsydK3t89hM9j52A%2B%2FqOb4a2"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61eb48148df4-MIA
/
foreignpolicy.com/_static/ 		239 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/_static/??-eJylztEOgjAMBdAfchRMkPBg/JYxio5s7dJuGP/eYYzvhre2ufek8EzGMWWkDPmBERUWFvR3MomDdy9zbrsBrCpmBRUH6sSnOm9IMwugXkwSjl6xsSVzs+oJjqJLLS/WIU+KsqE0mi3NNjDhMf972n39Q0plqstPKdmHPeiKftrCIdQno6dq3uK1G9q+r71xXN+M/YHw
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c096d7a64bd8551983f88b8ba947c5561436d660a6da8caca20a86e9a140d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:59 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APpjBsHenspTZP7UdpNNy4XyuV960hNvxTJXZSMa%2Fe04ceVPgzgWUYhZ9nCkO5EJvcoK58Ry5vlKX0Pt6taVfUZ8E%2B2Qk3sj0aXg%2BbyGBrO95mHkckWaCZX6VZOOhXxb7DvxT%2FlpotmbfIbZNZGN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61eb48178df4-MIA
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-6874192-41
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
015fc14006f7ce1bc79c386725d85dd7760451accc3acbeab467c4b11a9df376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68293
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jan 2024 14:45:32 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BFGHF87PBGPRV814
age
4615
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Egtr3VrS/4jMGSYaqd4+bzdAqXXhwC1IqxAt7zDG91EUZ+XFf609VgSver8OqqaMh0MzN2hoQmU=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5f4a5%2FaxfNdrcXSaSdUnPuQJkwf4Qr3V%2BzQ3SLjg8mGn9mqyRPKFFAdwrCJiLQwlg1NqbOYTYhrHlB%2Fx1f44yZyWhptzgsj5ZZedVxO%2BblwjojK6pEmHBQSnDJUKy61cAmtwZPeig0PuE6bKW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
846f61ecf8cd09aa-MIA
newsletter-icon.png
foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/src/images/newsletters-page/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/src/images/newsletters-page/newsletter-icon.png
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36b8e55e03b371fe0ab49d3988f280afa0f66067e013ff98ce76750c96f70d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396667
x-cache
HIT
content-length
3493
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Mon, 05 Dec 2022 15:30:49 GMT
server
cloudflare
etag
"638e0ea9-da5"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvPXPZRQuk%2FfFoOJ6LgtgM12CYDhEOeuUhWAOSUTrNpLDs1X3rz2uyMeLRCuQ%2F5hm5uiCkwM8QowkfwAyMwASLL9c9eUSwOsTjbi%2BVgdlWX6sX2lQarkzh31mY%2BfnqCO2KSAcY2O%2BikI68ezceCH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61eb582e8df4-MIA
_main.min.css
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/styles/components/fp-quiz/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/styles/components/fp-quiz/_main.min.css?m=1705501799g
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33fc0fe6c953f5e84b16688858d420b312a8fa18d8ae6f77913c729ff33d0870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:59 GMT
server
cloudflare
etag
W/"65a7e467-be0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5FveBK%2BOqcyUPbnHYTh68ZIeD8Swp5Y1lGaMum830p%2F5yRdBlllx9vYAskemkUgpe1AYTYe678bepCnON5ykR%2F7xJSXFYznQubNiVNvquR6NbXbXk15t6pYsbvFsyYzzjV66Wyd4Pm%2Fia1YzS8c"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61eb885f8df4-MIA
/
foreignpolicy.com/_static/ 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWT8ksLtEvS81LyS/SB0oV5OdUpmXm5ADVpBaV6OVm5ullFevo49FUlJqeClSbWJJfpFtUmleSmZtKjDYku/Aqz8jPzy6GqrDPtTU0NzC0NDA1MDHJAgAo7koi
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6dacff9a56a6947dcf1eea394b6bbb7c4da52d6febaa470487a37450c41fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 06 Dec 2023 23:24:04 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKWvNs9JzPtueK%2B4uy%2BzlmK2SqrVLTPNzV8A2wW6FXTRKbe3Wd0wCF9B4%2BFdY44m2z8kkw55L73Sr5L4BDaBr0sPRfddf2SQfoHj9EFmxaiz1LwID4GgUiJfFVGeMjjqHWvUG7yB%2BjWlS0m3kdRw"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61ec09088df4-MIA
i18n.min.js
foreignpolicy.com/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396668
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 06 Dec 2023 23:24:04 GMT
server
cloudflare
etag
W/"65710294-24e5"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ys%2FgF%2FFZiawnNwDvT2dA6hgJDu4aIiXI1gnFyRt4kA3HJx14B4splZZeGZkLFLneWvhQ3WQGfmWuZk4m4TtBWQDZLB%2BxzUju5vR%2B06pr%2FIIFEwKcueyjoLBxDqmuA%2BQVgyHToAPgzFw5t8eF5%2BzZ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61ec09098df4-MIA
loader.js
foreignpolicy.com/wp-content/mu-plugins/wp-parsely-3.12/build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/mu-plugins/wp-parsely-3.12/build/loader.js?m=1705423415g
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77659
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 16:43:35 GMT
server
cloudflare
etag
W/"65a6b237-bf9"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VH5jvMdZGAMygnXlwNroRfPv0wLphP3%2Ffoq7iSQeQ6FTwAEfWBsAJGIcNQ046Uv%2BELOEa%2F0Xg0D0WFdMxJmmAWo9OqHUg7cB2HNaynjG7k%2FhKaLxYd3w2eIqyvGveFJka43GSKaQwJDZt4fIraBE"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61ec89b18df4-MIA
p.js
cdn.parsely.com/keys/foreignpolicy.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/foreignpolicy.com/p.js?ver=3.12.0
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
4a00a7cc84ded60447d21ee0b01cb3892bee68a623b3bef49d368b737852fb1f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Wed, 17 Jan 2024 07:24:32 GMT
content-encoding
gzip
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:28:52 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
26465
etag
W/"5e8531c4-b526"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
5rKxdjTmrvWy5QeEaonQwF8Xy1lAKyQ72jr7A2BEl2LzzBmiebG1hw==
expires
Thu, 18 Jan 2024 07:24:27 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 12:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 12:15:04 GMT
/
foreignpolicy.com/_static/ 		331 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/_static/??-eJy1le1O6zAMhm+ILICEED/QuRTkpKb1msYhdlbG1eNpDBAS0tlafqVW+z7+bvxcXOSsmNXrgBOKf+aK1GdXOFHcu9vrm3sPIqjipUYvsVKx54AD7Iir+JdGb5utXPkVWDRBj7KMJpT7hMpZfBOsrhBkXobcYe64+kD9M7Oezs1E+QxuacGMT2bkqXA2jX1dXKIdujez3cATOsid4xwYamfZnOno9wSg65yyi5DMhupCU6vTSbAVDxrDsrS+epnt7EGJ8/pEl3EWa7Jaf8X0rfyBDxnp0Jg8yl/AWzi8D+gURuQd1uVd/uYIZzeT9Xx2+GpFypA+Mvl/B6IWaTxMRZ84QLpI2pSS+MQ2cqJcbbsvx6xVnMg8EjrTyqXxPJXKr/sniNEgFxG2Lw3rfnOMZVlmxxpbRBPJKijRevjrrEBq9Zyx+bE3p2AojvsBocO6cBG/A2WAigFW2Loj9UOr3Nvls+4FBknd56T9mx5v7q/v7kz78LB9BxH74as=
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6824bac46086a386c8abb74304f674ad45f0dbfd0b2c97e49f4b1d04942662b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:59 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdK1mh6DEdTasR9RdjLa2tXzwuPGpebvUxJyspZbYUWJqRbHoQjBN85bctwKM7jbATdBaI46wBPk%2FybajtTLB0SWQjuerwRECA1ZmDH5eEf%2FHPwrzpen2qlTK43Pi1lDxaQcgxdpJiuUVvEQIsJB"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61ec89b48df4-MIA
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdNhYkiAAAAAEo_IrOgwgJPQt4LnKpiSPXhUHxZ&ver=1.0.0
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
94c2225b0f89c5c6f22d215e7be3998516a4ab250c9b5e1b8fd57ebe0c4b44fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 17 Jan 2024 14:45:32 GMT
/
foreignpolicy.com/_static/ 		349 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/_static/??-eJylz7FOw0AMBuAX4uIWqao6IBZeACZWX+ImDpfz1fYl6ttzLEwI0TJasj//P2wl9JKdsoNPtJDBWZR4zKFI4v4aHnf7I5Qa2wDWKxc3iDThyqIGmTZL5E4arB3V0i2cu9ke4G8wmlEDBzb/1h0/SFZSu9H6LWSwGi1IjoI6cB7DOcl2X1bTn34UHOl/1kp5EIV+QvVI6Ddo5uit+WyAibRZ82slvXbvL7Ig5ze6VLL7QLawSOT0Ve55edofd4dD2zid5k/559JN
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
287abf45ebdb5831778ac29c569a55209b21e030cf7f6f88a3c4ad6ebbcc8f92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:59 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmA8vcpD4JnOsgQY4IefED3eqeqjFdgYVTsDrQ2d6GoenyRCI8b3hGRkxs1u4gpYzQfuPuy1Bz%2BQrCcIHrtXGvNVGitSK8Mwi29aIHilO%2Bru1U2%2FuUlY1z6rPHKUBMhx7ERGLHoz9ZGOPeeeum0M"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61ec89b58df4-MIA
foreignpolicy_homepage.js
lngtd.com/ 		1 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lngtd.com/foreignpolicy_homepage.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:9200:6:eea:300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dc566693de1d9f39776b6abc1bfa426799c28cb7974f060c8a9990fe59df770

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
gzip
via
1.1 65302a67852221313e65b936cd8d6b68.cloudfront.net (CloudFront)
last-modified
Fri, 12 Jan 2024 16:06:07 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
"3380eae72c25bb7dbc5c3f86c7e9a4f4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
563
x-amz-cf-id
R9WC8cRzXi4Ahk_DmxLn0NZsDH7-Ed3U2ObvkPIREAD9Rab-ck-Icg==
/
foreignpolicy.com/_static/ 		233 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/_static/??-eJyVzs0KwjAQBOAXMt1WKKUH8Vli3NoN+SOzUXx7I3j0oLeZw3wMPYpxOSknJd05MmjLleWWTMlB3NMcx2mh0i69EFyVoqCmEkDITmzAbitjiJIGjwP95kGtds+DbHW73NmA38l0qgXFH9TXa1t2DabUfP0cO8fTtIzz3Bfr6l8S0Fme
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1321e4d20e234b4f74dabc0fae656a3d0520ba4acd7b1aec3f62be3b5a4780dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:59 GMT
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2DVp2%2F90fCC%2FHdQH8NXWRkaCva6A9%2B4%2ByE9LkozuZX7bNlLajS6U8C5AsjSnxYtBXTSrtvZjND%2F9qKLdyGVJshJ1Bffvxs9%2F8si4t6EszkJY%2BTKh7exUUFH1ndX5JfKagsC1COHchynmspqdOGR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61ec89b68df4-MIA
e-202403.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202403.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT mia
date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356417.2146
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 13 Jan 2025 15:28:56 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
846f61ecfca76ddf-MIA
solido--normal--400.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/solido--normal--400.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8f39d0c0d0a73cd0d0f5b29b07c8d992df61c86dca3555efd9485544da46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
16468
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-4054"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWsW174Ts6QtLppUrgG5quHoSNfHuoYw%2BGlNlP%2B6It%2BGBjNtk%2FGW9JIP2wQ2zDR25SYePbnOfBPrq4q62TiGUqn0eK6YE%2BZDk6bZTA7aIT5Zliq32XOkgTfn9irbDhr39TQTD4GssNm6OHTJ3TpQ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61ecd80cdad9-MIA
tiempos--normal--400.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/tiempos--normal--400.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4320d39d1f102e220b19cbb1a2922f9d2955e7330e4d16028637d9fbfbe851b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
56760
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-ddb8"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qduEvP96fjjou1UXYquPNLxR8OkUf1sH1wuabt87mPEzRdgKHK7DNnXwg8pIYN25SKJnGnrG4YUxpU5t9khrKovxdDptXlUe3xlXnNfHMps7rQUjpdkZW9gbVGPY%2BROJK1ETwk%2FuZuSYHYYcakIm"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61ecd814dad9-MIA
tiempos--normal--600.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/tiempos--normal--600.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb3ba317e4f76df96fe27e65149bc7472ab3cd0cf174207c10aa78d0df54c0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
41900
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-a3ac"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLybDdzjvcs5kRTKOYsPuwuMtFtHiZDVkVTVhG6cktHmIPAXMLAzIETH3SP0HQSib2IpUPt64xT5XTmPaZ9jy0tPKeYvBfp9JO3uTKZN9%2FL5Zbz9tNcnA7tF0JS8%2FsOc3GhHkoK6gRkFUmCdb8BU"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61ecd815dad9-MIA
gtm.js
www.googletagmanager.com/ 		327 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KVBCHJC
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2cfe845ea897bbb976dd07743e666dd93000bc84e854bc3064429d4b4c6ed23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105559
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jan 2024 14:45:32 GMT
ae07aac3-087b-4903-ab6b-dfb57fb872be
https://admin.s21.lol/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://admin.s21.lol/ae07aac3-087b-4903-ab6b-dfb57fb872be
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.s21.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
truncated
/ 		405 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4312d8893b200e857cf41bd7ab005a7bab22f08d1dd2fc9bdc0b7394bd722bac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
tiempos-headline--normal--200.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/tiempos-headline--normal--200.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1ede8aa11278c6bd4ac6113dd4970739d89e7a657b317680ad865d14709bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
47300
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-b8c4"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSbsqlQXWvS7RIsYHBbuMo7Ce1FOzCP%2FUyXkzqqbcSo9JXRzz4AmIlCDWbterUjaLT%2B35bZBdSdQoKbsIGedJ1evBgcImupBjhaN5nEcP45W9fR%2BRFmmHg%2BjAnwvGsmI3K04KlxlLVp0omS7ONnO"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61ecd813dad9-MIA
solido--normal--800.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/solido--normal--800.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae9dc6f44bf3313d3c2b5e6ddd84e8e93a9696cf839e57ed11c6995862e1961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
16148
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-3f14"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ynL4jjrgy8ecHTbcAsd2LgT7rN%2BudYiarc66SiB%2BrN4X0PGiJcbEUbBq2xtbe00e3K8%2BQAh4SX%2BLPHPI1nfo8qDBr%2FWZvfhztzNlYbwietdwW3G%2BQ71B%2B%2B2wF2e5Xh92CjKJjrMaLEaub3Oo1K1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61ecd812dad9-MIA
tiempos-headline--normal--500.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/tiempos-headline--normal--500.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540eea0d79e32f705ec544f48b9d9e3e6a7877961d4b9cc763677003751b9fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
36728
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-8f78"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WZX9%2FHesBAt4HC0gZgND173hWrrzQU51PjlAfdbHz1WKsy%2Bx%2BtauQwRfvK%2BntXi3aBV3b7%2FBAV2HuZ0iXj%2Fx3Gg1wJ0%2B61YK0%2Ff4A51cC9DzEFjXRwNpKxhC%2BBN9ShT3VpftWlyukgdRSqnU1%2Fm"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61ecd80edad9-MIA
tiempos--italic--500.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/tiempos--italic--500.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7a65d77f9b47d84d33b12bd57b84b32edecc0068fc1340249dc1b3f57c63325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
47172
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-b844"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uq3J6iYGYBvj2CiQaRQhe7MbyVWiENhL%2BhpPMRT8DRrsdIDprTbR%2FWf8sJexgebhQUqFp12L0kLmgnC3cpv2zYdxriLdZR1kEf30U%2F8Dj7sSSyyv8kO29TiXZP1RUbLbHyR6iuuqN%2Bxg2q7BO5co"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61ed0858dad9-MIA
Ones-and-Tooze-podcast-foreign-policy-logo-3000x3000-1.jpg
foreignpolicy.com/wp-content/uploads/2021/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2021/09/Ones-and-Tooze-podcast-foreign-policy-logo-3000x3000-1.jpg?resize=150,150&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c988c761148b7a1fd047037288ab38277347275a6d67f250d0fd4347875d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396337
x-cache
HIT
content-length
4874
x-xss-protection
1; mode=block
x-rq
mia3 86 45 443
referrer-policy
same-origin
last-modified
Sat, 25 Nov 2023 15:42:22 GMT
server
cloudflare
etag
"d5c41d6c168854be"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LqsKa05b4djjIsimRt2Qm%2BO1MhDLpMT24kyi6w4f9wRRhLmm3LK65tjdf2mXFEaVSv8R5wL%2Bloizfsme5XU0GNqUvPXgBaqoKA%2Bhk8I5lgz731nTt5PLDhB7Xo%2BQk0vM1AgLw%2BybR0pl3N6S8Bw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a6e8df4-MIA
I_SPY-series-art_updated.png
foreignpolicy.com/wp-content/uploads/2019/11/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2019/11/I_SPY-series-art_updated.png?resize=150,150&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f46dd6edf25ddabbbab99485f927e64dff29fd0d52a1ee6c2895466e7099762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
386925
x-cache
HIT
content-length
4922
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Sat, 25 Nov 2023 15:42:22 GMT
server
cloudflare
etag
"73cdca1f39dc9a9b"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUmgNbhfTQ5g1t6R01ap5SDPXq9nbBNzGbWSc72QNFeqtEX70pVbKjKjk9XnZeCC5cRFXxYMam8ULS5NLeURaPz5BHtuszs0gTZl6G0hvrNX%2FLiZWLWgAnVst4%2B%2FJM9554Vy8eZQaN9TNhMR%2BPQk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a708df4-MIA
FP-Live-podcast-logo-3000x3000-1.png
foreignpolicy.com/wp-content/uploads/2023/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/02/FP-Live-podcast-logo-3000x3000-1.png?resize=150,150&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86eef6900e733c6793c90e7219cef80dbf187d2108e4f45f6732a9812dadcb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42100
x-cache
HIT
content-length
3244
x-xss-protection
1; mode=block
x-rq
mia3 86 237 443
referrer-policy
same-origin
last-modified
Sat, 25 Nov 2023 15:42:22 GMT
server
cloudflare
etag
"bf1bcde44920788f"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg%2Bd5l2ebnG33cr6YtCXB5KeQ2lt6JoT3KWb%2BNdnT76PS9Es%2BvAL%2F97gltJu3TAj59sXcaJv7rPNIq1rHdsX9YOXWJ3bFP0UOkcoNHCL9SiTW%2B%2BIPN0iVF4oexqMQcd1nx5hLVRNz91%2BNetE%2BQ0a"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a718df4-MIA
election-2024-winter-print-foreign-policy-magazine-cover-1.png
foreignpolicy.com/wp-content/uploads/2024/01/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/election-2024-winter-print-foreign-policy-magazine-cover-1.png?resize=1189,1536
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a157ba2b922e5a6721b1b5bb9f0f1a9fe8dc27371bc6adc99b266a673b28e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
386925
x-cache
HIT
content-length
2277352
x-xss-protection
1; mode=block
x-rq
mia3 86 83 443
referrer-policy
same-origin
last-modified
Wed, 03 Jan 2024 16:25:31 GMT
server
cloudflare
etag
"9102c71d1b7d7659"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52upYm81hr5XwtLLHkNK8AgZ1LgvknZJwGfHyxy3YBv%2FnpFXeCcgaseM9QGCJR3j%2B2Ywym8v5ImsRh%2BH2SRA7u8L49THlfW6tGSqcm3aInSZTK8ZimTUw4r%2BM%2FlAw1W3qxX7LX2w4b8RTj4Yvtx6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a728df4-MIA
Yemen-Houthi-Protests-GettyImages-1920457135.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		221 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/Yemen-Houthi-Protests-GettyImages-1920457135.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38442c178fabacc21fa1208e93a8a2250b66152a74bfc64e82a56fa3d17a3a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63656
x-cache
HIT
content-length
226740
x-xss-protection
1; mode=block
x-rq
mia3 87 107 443
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 21:03:47 GMT
server
cloudflare
etag
"614eebd1df1adc82"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkJtGBPOIiV0l6zfTO%2BVuSUzpQQvfaYz0Y5DVVr5ZizSoP2kcm9Rkbw5TsyB%2FVdTuCyQrCuvYAKPeMC8VfPNxHdHehP9DpDAu%2BX2YrJLrbrOM42xj2PKsewMvnPfzN2QNcNyV1naAKBk3aIYqE8R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a748df4-MIA
GettyImages-1911247487.jpeg
foreignpolicy.com/wp-content/uploads/2024/01/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/GettyImages-1911247487.jpeg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe8eab4dab1330d699ba66b0ea2c4944d33a90b4910e6720941d99b3edb0121c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174304
x-cache
HIT
content-length
119008
x-xss-protection
1; mode=block
x-rq
mia3 86 167 443
referrer-policy
same-origin
last-modified
Mon, 15 Jan 2024 12:13:21 GMT
server
cloudflare
etag
"5ae8c378ca84ddb6"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhbbpNkZjNxN4IN5VhT8KrrIgS0wFbuDazzY31jaVoRWmva9L5eWoKR8nTodWNJvP6R5jHDEA9%2BmOKibILeuMxhso3h%2BUKfbq8BCxHKybL36fm9ECK3GPo4zXa4CCdkVJB4VNqLZNhEtWF9Nt1zf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a758df4-MIA
TAIWAN-CHINA-DISINFORMATION-GettyImages-1923423042.png
foreignpolicy.com/wp-content/uploads/2024/01/ 		865 KB
866 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/TAIWAN-CHINA-DISINFORMATION-GettyImages-1923423042.png?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44fd5badf2be95377338a9c9c546e35ac63c89afd5d7901db475c2e5b10383f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62329
x-cache
HIT
content-length
885792
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 21:14:57 GMT
server
cloudflare
etag
"5f61f52617bc2252"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJm8mQQcMtuHPsTqElRmkYIpnqoD%2B%2Bd%2FHt%2FiWDfeLpuGeToh19AtxZWb%2BAmYQpx%2B0geXeVyzQrAVY9T%2FneIeiYktqT9C1u6owLTd6NV%2FerY%2BDwJp32hniAgNRb8UPNvR5nRQ8fErvlOZKjXK81G0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a768df4-MIA
GettyImages-1676988617.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/GettyImages-1676988617.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3bb97e6c62f812024a34fcfa8bcd89e8b4bc63f9e676a96a3e950a40b98c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8166
x-cache
HIT
content-length
114778
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 17:01:48 GMT
server
cloudflare
etag
"d6012eca3710492b"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSyPtrU5%2BtvWe8BOnlkI3dkj%2BWK7UhKsH%2ByiiNd4H7I%2FtGucM455oeorl3srs%2F4gCUse6SJ4xM0WQodiFoxhzzSCfZ8W1BLtISIdMwpjR00IjHqNg%2FNzx1a8eLZ45GxEfGAZH%2FzFCpES6%2Bmm304m"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a778df4-MIA
JAPAN-INFLATION-DEFLATION-GettyImages-1918308084.png
foreignpolicy.com/wp-content/uploads/2024/01/ 		886 KB
887 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/JAPAN-INFLATION-DEFLATION-GettyImages-1918308084.png?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a76550a9831e5198c6810bdf9caf89bbc491314ae22560513e6a18539497976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162688
x-cache
HIT
content-length
907458
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Mon, 15 Jan 2024 17:32:29 GMT
server
cloudflare
etag
"895cf9447355458f"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4XgvkHbPcIDKcfRjMqKAG0DaKGlufFr%2FKTKG4JNed4lJrB5sXS37qmgGHN5eRGEf9VM4XMAlfpOlfWODWDzfjpktRGhUzrPB%2FQn2aEaG8jENvgcmQkSk2qYBAI5I3s%2BJS5nLC5yIc2Ry1LkI7GF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a798df4-MIA
myanmar-shan-rocket-GettyImages-1751406688.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/myanmar-shan-rocket-GettyImages-1751406688.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc1e70a15ead0db3f0e702ff021a0c75acb548b80a69eb2b9ade7e80eefd6458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388586
x-cache
HIT
content-length
41164
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Wed, 10 Jan 2024 01:25:10 GMT
server
cloudflare
etag
"7ccdeed2b697abd9"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Bcc61%2BaSvBtgIZO6X7dL9BFArS24UwXev7CuYQ9so4%2BZCTIOQegzQfwr7cOQnQOsP9loTHRTu6Ib8KwBztdiwbj%2FsLx3k2QcVUXW5ktJdRSEMHbmrFQkDbTs1vohlfim0HtD2H7fsd90Sao48ca"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a7a8df4-MIA
Saudi-foreign-minister-Faisal-bin-Farhan-UN-GettyImages-1842918852.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/Saudi-foreign-minister-Faisal-bin-Farhan-UN-GettyImages-1842918852.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31bc313b5f21822d904f4f8a2a528cfe156a9b23c1060425768da5ae074e1690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26544
x-cache
HIT
content-length
76142
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Mon, 15 Jan 2024 11:51:43 GMT
server
cloudflare
etag
"82dbf4a931325155"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQFBxbiufrXcPgVBLOmnM%2BIZwOs7lpXoJ%2BrzYXg5VPeyslZJfXCaWctAHfigAZh72MZVh8PtDzCAL1aF9XsM7Y1t4AOu8Q3Uza9Ho0j3EbwE0wH4zABGM%2BE559JJwE96nYr%2FMmjoL76nHgCuXxfJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a7c8df4-MIA
putin-downfall-russia-foreign-policy-illustration.jpg
foreignpolicy.com/wp-content/uploads/2023/01/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/01/putin-downfall-russia-foreign-policy-illustration.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b443a3a5e102a75314535d9d0377f262d1c87700ac0b5fccf5ddcaf27d3fca5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388586
x-cache
HIT
content-length
55500
x-xss-protection
1; mode=block
x-rq
mia3 86 167 443
referrer-policy
same-origin
last-modified
Mon, 25 Dec 2023 16:24:36 GMT
server
cloudflare
etag
"bbd84d34da99481d"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msZOKiHMy5SN6YJkuVa1tiv4Pbiy2nSBX2ijcyw%2BXoi6SEuUzkpZ8FDxfxI53eosgpaoEpHSUy9hxwjC2TBKaAVy7exofmE7rcWhtB8bNpoZ1TijbEQjg4MZzgTbvD3gPQzH4PIXyMiK9So19vzS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a7d8df4-MIA
GettyImages-1696164864.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/GettyImages-1696164864.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d262b4d7e621b3a35a03ce0af41a9e129fd5667b8a0ff214ef094baa73c7e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
176257
x-cache
MISS
content-length
75534
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Mon, 15 Jan 2024 13:47:55 GMT
server
cloudflare
etag
"7dd1cfb0d3a043f5"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69ag5kaKPTM3WvwXmq%2BeefzVXY%2Bq9D10Wy1w3mYfTkRDNaz4X8QGROsF1LjtMukXc41LadQdloroxpOv82G4G8LbXbQiHWBLCFwqx8NOGgPhnmHzqCtWRD7wM3qFzyc1IWhnaMOpL%2BnkQdUH6FZb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a7e8df4-MIA
Taiwan-elections-China-GettyImages-1920277183.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/Taiwan-elections-China-GettyImages-1920277183.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2117e2a9c8332879a99eebf710b0d98892c19e5ecf84e21f809325982f8f318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
385454
x-cache
HIT
content-length
50052
x-xss-protection
1; mode=block
x-rq
mia3 91 52 443
referrer-policy
same-origin
last-modified
Fri, 12 Jan 2024 19:07:55 GMT
server
cloudflare
etag
"64371d33443af123"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0kzIOD%2FKZMXrChV1JjHgFQzdBRV09IvKXhBHZVKD7g7Kp2%2BnME9n6SCaIlxfR2VKYmp%2FZZpFDvvQ0iNd4So%2F3qR12NwGadEMcH03XUQ2aAi6ZFEseH48r7au8wl5ttKrDwlX9WaR1n2ucZRc5B5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a7f8df4-MIA
trump-us-election-GettyImages-1760548344.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/trump-us-election-GettyImages-1760548344.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e85a89f47860723c3d4adc04aef900d2bf3824b0129c6d60dab71fed4e34486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388585
x-cache
HIT
content-length
14832
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Fri, 05 Jan 2024 22:52:05 GMT
server
cloudflare
etag
"5461b9f155c569da"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUtm6b2tSWp2z98S2JBd85sWlCLpTEpad1p6MeKyd%2FBTVPP1SDbWHXennhKeUiBLliG6XnVncpXsN2qYcXYFB%2Bq%2FzQmzBfYJiS7B295ktBD3zKgh0HPK3EtGR8eGKrdAh3HbPH%2BIQjQoK8oYqrja"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed2a818df4-MIA
election-2024-winter-print-foreign-policy-magazine-cover-1.png
foreignpolicy.com/wp-content/uploads/2024/01/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/election-2024-winter-print-foreign-policy-magazine-cover-1.png?resize=325,420&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd7963e193505ea4ae4eb95290be92385092d41c48892324cb81f891c01cfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342842
x-cache
HIT
content-length
135472
x-xss-protection
1; mode=block
x-rq
mia3 86 83 443
referrer-policy
same-origin
last-modified
Wed, 03 Jan 2024 16:31:38 GMT
server
cloudflare
etag
"1a3ef5a40b678857"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lm4hqZ6%2Bj0vHKaffnBi5QKkXLBS1xzwBf8D1R8lTrhZG0VNJepW3EiEb9GKXitCIfNzo9xCxEun80k9cNSauQOD8WO2qgaveRO5TZyO%2FCMuTdQMRHErhHpMWWwEKJMWe8p86%2FPQ9R%2BlhrwXq%2F2jH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed3a838df4-MIA
social-media-populaism-nash-Nash-Weerasekera-3-2.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/social-media-populaism-nash-Nash-Weerasekera-3-2.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f09bbc53d8c4e7ddcc4d35f40708df24067c45f5162e706b14f638700bb51d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342842
x-cache
HIT
content-length
38810
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Wed, 03 Jan 2024 05:50:34 GMT
server
cloudflare
etag
"652e040f4ba278f6"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P3O9r6AzwuGdI3rqxwgETqWkpGsgBoIbAQ6EK99ZBRipoewkdwju9eH9fC91yIcpo7vSPtCzwHD2Kf8N%2F3XqifI0XAjFH95HA6E45xWvLAL1NSTMlRrRzZmM0ljku5IalT5TzCANgdy%2FFKCr9Cl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed6acd8df4-MIA
elections-2024-nationalism-Nash-FP-1-updated_SW_V1.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/elections-2024-nationalism-Nash-FP-1-updated_SW_V1.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437c57640654b8bcac8fb9a9547ef5629ea30ce8b20ef5e1d2270ea82106c60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342842
x-cache
HIT
content-length
51642
x-xss-protection
1; mode=block
x-rq
mia3 86 167 443
referrer-policy
same-origin
last-modified
Wed, 03 Jan 2024 05:50:34 GMT
server
cloudflare
etag
"8749fbe44a38de32"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl9eVGlEs4NM8CgsFAU%2B9E7LLPpvx%2Bo49gtMi%2B4Thqd3Hyk%2B9Bu%2BedEQ5ZngNVGA7JzITgweJDEZTezhhjqADzoLceHxxCo5hKJwcCyt8OeBUZFOt8PB7pqKqquxsY48dgkCVHT%2F6p2Z9%2FszyhR6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed6ace8df4-MIA
fp-live-logo-background-black.svg
foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/src/images/fp-live/ 		5 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/src/images/fp-live/fp-live-logo-background-black.svg
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dae83409f3ca9f6ef0d9dcb8370bda9c97a4eab0f3b415ea1fd0dee66d0d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387199
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Mon, 05 Dec 2022 15:30:49 GMT
server
cloudflare
etag
W/"638e0ea9-1327"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zxtv9LpZpurSuStVlzJRAGtn%2B%2B0Ba6dSCEbak3r1iBeQDKwj62WLF8SOo1a7LAVFc3KXOef9cyEw4%2F2gFuq5B9%2BtTKFPi9zMZFujZz%2B5apxM16TzxX%2B9dEyIvXhKqs2jZL5crjd5qICh1Fy%2FtLeN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61ed6acf8df4-MIA
Taiwan-Election-FPLive-Site-3-2.png
foreignpolicy.com/wp-content/uploads/2024/01/ 		726 KB
728 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/Taiwan-Election-FPLive-Site-3-2.png?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d5ab261902c043ec4b5b8c14aab3219ffbf3a5e766f6b4cd83aa17148813d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388216
x-cache
HIT
content-length
743856
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Mon, 08 Jan 2024 19:32:13 GMT
server
cloudflare
etag
"5918365cab6c2323"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHXAzvLrqe5XohsAFtcmqltpKqFomuVlerBmahm5sZOY5EgmrByFxfhsfLjW1CxkspS25qNKldUuJG8xJqvkvkRjA%2F53vTyWtFSgexel7UWSrAT3skDjdK5K8NhVAVJUw%2BFIpsurnxY9FMwpbydx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ed6ad18df4-MIA
truncated
/ Frame D294 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Type
text/html;charset=utf-8
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:08:41 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kiad7000026-IAD
truncated
/ 		355 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e96a1c30dd645b125c564aad91f840765985337f9fbd2dde546d5c8b9a92315

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
fp-davos-democracy-session.png
foreignpolicy.com/wp-content/uploads/2024/01/ 		513 KB
514 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/fp-davos-democracy-session.png?resize=1000,559&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e742fbb9f957842081e160cc5feebe39b4f2b276aeb963bf58a15a1f34965ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32200
x-cache
HIT
content-length
525276
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 18:24:57 GMT
server
cloudflare
etag
"1d624d172aca4340"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKGmTCk4rEzz3cYFikvqrRhvFXc6NFo2zEuFUoxHFPk%2F1gDXD833qvZ4YYEGm8N%2FAbHaF%2FcPsZQEl4g4C%2BnM719Jrlz2%2BgTfzGKUMs0uf9cx%2FO2RWx0zpebPYbxcDTso%2F6Bne77llo8bJiAlcnYp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb708df4-MIA
Comfort-no-logo_v2.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/Comfort-no-logo_v2.jpg?resize=1000,563&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a259b7cb4e3fbffac29d34bb6af866381457febbd7924f959cee36b12765dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76646
x-cache
HIT
content-length
48648
x-xss-protection
1; mode=block
x-rq
mia3 86 45 443
referrer-policy
same-origin
last-modified
Tue, 16 Jan 2024 17:16:51 GMT
server
cloudflare
etag
"7ce47199fd9c7fe2"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3F%2BgLyXB7ViJPl%2FuHo5UdEu3LjAg%2FOhIl0lRMsdyNAqRXDCUwAKskWoC3latMfzRLHlzeHgHkc5UfdebC1UFONmX6TaQRGziW3JnHfnvHtxNqWSoeaSHB1eRumdwDa3Z5I7Cy2%2BNeu5Z5cdnSsl%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb718df4-MIA
2023-Recap-Illo2.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/2023-Recap-Illo2.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9542a010a486394e6574f1e038aad53e3dd466fc3ff4c4d0c1491141e9282cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387184
x-cache
HIT
content-length
76954
x-xss-protection
1; mode=block
x-rq
mia3 87 203 443
referrer-policy
same-origin
last-modified
Mon, 01 Jan 2024 10:51:43 GMT
server
cloudflare
etag
"8829bf1404bf73f8"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33D5aRUv6adE%2F5kPZ1mWskrqOSZ6o2MflrT0bqEvIuAZ5sN7CrPsUQtZiM43xs8UK2%2BXvuCS2OIaZNBjiLqVBTr8ICJH1FyvqMcy%2B9gD8PIcbvegEc3gPTdrgmXitPQhhwTr1Ddhe2tbl9TlM95m"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb728df4-MIA
2023-Recap-Illo.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/2023-Recap-Illo.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b836795c877fc7c6d95234b07a93ad5130f597bdba01b354e3e2f95b78a94cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387183
x-cache
HIT
content-length
76922
x-xss-protection
1; mode=block
x-rq
mia3 86 45 443
referrer-policy
same-origin
last-modified
Wed, 27 Dec 2023 15:55:31 GMT
server
cloudflare
etag
"91a6e4add6e4077f"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVJVK94jeemhAvl7O5edFoS9mt9G68A4x6h6T%2FvWuJ1HNQm4fvDLI%2BV7S6ydntcvoo%2FKM%2FkjdAJ6jxToppL1cwqWT114m3yClURKYjDG9KNd4rgPse0mbLGwR2iP54BxJVuMUpAKmvM%2FQTevH02F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb748df4-MIA
gaza-israel-conflicts-to-watch-2024-GettyImages-1862336588.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/gaza-israel-conflicts-to-watch-2024-GettyImages-1862336588.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8fd040fb7c5385289f2449955ceb2e1a537f1f19124cc47279f932e03d66f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396336
x-cache
HIT
content-length
53036
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Mon, 01 Jan 2024 06:21:45 GMT
server
cloudflare
etag
"44644b181601ad4e"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WhwrF3kjQspida4oC1gyugOkmSdae9ntsLSDWOJZQyiI%2B5%2BeKHCb6F7IQlyPti5SqKVvW%2FT6Z3%2BuWkS7MRwI1GRieSMCMhh9G6jOjEc8gjOmX9oqDB1deuYVLTM0vO5nQQQm5Pvl9HesdDcHT5C"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb758df4-MIA
ukraine-russia-war-GettyImages-1845864196-e1704712482491-resized.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/ukraine-russia-war-GettyImages-1845864196-e1704712482491-resized.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b363dd8dfc87c836dadde3420fed74e6ef3391c688247814668a5ad1b82e8418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396336
x-cache
HIT
content-length
109410
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Wed, 10 Jan 2024 16:33:38 GMT
server
cloudflare
etag
"f72ac80387f687ba"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7Rue5p93ral2qh7qSWIbrh5kt9Qdu4fOlQpOMEN2KxUEff5p70w%2BPSPCxYPRUiyMFlJE6o3MVRnKlYihaWXuHFFmS0qLQeiu0lfrcyRFc%2Fzl04CZvxHq5QxXx44Vfr2KK2pxYW6qGmrHsRRPpUL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb768df4-MIA
2024-global-election-modi-putin-maduro-sunak-bukele-hasina-ramaphosa-3-2.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/2024-global-election-modi-putin-maduro-sunak-bukele-hasina-ramaphosa-3-2.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2e29dc2a0e734f6e148884a2ebe64d54fac90c4787d371fa721c07083bf7a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393141
x-cache
HIT
content-length
60166
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Tue, 02 Jan 2024 22:35:55 GMT
server
cloudflare
etag
"d8556ac4b3249a12"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgI5dPQyv7ZsdVbyJPfk8u84VmetMSuQlhwXdYkJmCWr5S3XCapITH7qHSpjL7OTY7852p3v6FJGh0DT8V5ZoGtWlaD4WQVwwX8ieRoalIPYGHN6y6ZBSoGxYzEHmSs3fkVCNOwtApz%2BuDo7JAZB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb798df4-MIA
trump-biden-deja-vu-foreign-policy-2024-election-Oriana-Fenwick-illustration-3-2.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/trump-biden-deja-vu-foreign-policy-2024-election-Oriana-Fenwick-illustration-3-2.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4904a185b0ed2f84453902fc666932957ce4bbd3253311c4dd68b31a98042ca3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393141
x-cache
HIT
content-length
82246
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Wed, 03 Jan 2024 21:46:21 GMT
server
cloudflare
etag
"fea8983a57c9e1b1"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLm2TqEWBZ0RcAWCeF8XYgOtT%2F%2Bz1E0kfYDxpAJ0Yj2AP3TKPLM6O2SOTQBrzSW0h2BtJbHb%2BceZEwFYz7RuWxGs3efJcb7c1RxQhos%2Bk3Pcam698Zyhm80KKhVMedOJ2wUXbEbMn1mJQvhDT5CX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb7a8df4-MIA
Imagined-communities-benedict-anderson.png
foreignpolicy.com/wp-content/uploads/2024/01/ 		697 KB
698 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/Imagined-communities-benedict-anderson.png?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
791b086445dad97bbe5d626ade65bfd45c2ef1c218a47ef18d341f254544e7f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26544
x-cache
HIT
content-length
714098
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Sun, 07 Jan 2024 13:28:42 GMT
server
cloudflare
etag
"33d95718104a0c10"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2hG0qnn2gNxJnyiTieNPpuiSn1g6y9tO9hbbJVGfCHroDgUW9sNVV5Egms3%2FLa%2FN3v8LHJ%2BKr0OXsFk1R4Gw4RRXMry%2BjL6X2Aik5bkQkpku3AawB76av1smdjNeUgauPHwWG0nTMXb47CbqsxX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb7d8df4-MIA
socialism-us-elections-GettyImages-953491188.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/socialism-us-elections-GettyImages-953491188.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc5001233bfc0825f3a20f540474fc40b65a56e5547036c46daf990cb976618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387178
x-cache
HIT
content-length
147278
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Sun, 07 Jan 2024 13:26:45 GMT
server
cloudflare
etag
"78d267664f842c8b"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4Aj%2BfUBTZYKZoMzA4fW7PEIRGTx5GhDz%2BMIi51hZxD2%2BXTwdZoYWqSpov%2BrEz6T46w9eAzt%2Fr2a2U8iyMiBSsNOvtxVpkjmTOAAqHJvgAps7kMkdASU%2BsBoggmp9e0is8ocaPU22mOzi9xDgQIc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb7f8df4-MIA
cia-women-3-2-GettyImages-590927122.jpg
foreignpolicy.com/wp-content/uploads/2024/01/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/cia-women-3-2-GettyImages-590927122.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a918543c7cc15b4c74eee1a5f63adf0387cec5c683e2b1b405db50669ea8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387177
x-cache
HIT
content-length
72268
x-xss-protection
1; mode=block
x-rq
mia3 86 83 443
referrer-policy
same-origin
last-modified
Tue, 09 Jan 2024 21:46:22 GMT
server
cloudflare
etag
"c006c90d6dcdc427"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiGh88g%2FfTZLNUDikGdGxv3JykF%2Ftp%2FKHvlsNVHpy5Z%2FpFtIkGbf1FldNlhSI4gLb9tJbDE%2FaoiliC4Iqc6Ru9kWXgTIm8UscJj9SJaqVRPrtq%2F3oiQmRkDEdn6Td0cfuApCE1zGJxPd1x4dZYvN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb818df4-MIA
GettyImages-1853523084.jpeg
foreignpolicy.com/wp-content/uploads/2024/01/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2024/01/GettyImages-1853523084.jpeg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a276680883e2d298107dd8bf6e925be6b274caa036d213850adcf6b41606b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387176
x-cache
HIT
content-length
76794
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Sat, 06 Jan 2024 11:43:32 GMT
server
cloudflare
etag
"d971721727b9fa73"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwqN1NrH2lCyo%2F8k0t3T0fm0pSw7uprGmox9ww3nJIyBL5iO1HtvFmVE%2F%2FYYSIpwNJ7QIqeCu3blkQEkyzQEEE%2BYYP9RD4CA5JpIgQ7lCrE5vzioRnVofE3TYJZjq%2FsW1aY25XY4TzVvdepYg6Jn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61edeb838df4-MIA
solido--italic--500.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/solido--italic--500.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925d7ce9e261c865c9de12379ce2232b8f7ffbfabfa86574702030d7bedaed2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
17452
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-442c"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrFVexxG6U5TUwdwKp4nPXhIf5q7evcwkhE9S686fertrCJbNSJ0%2BAi1%2Bnz3DxcHyxqSuFGqLL1eY%2BoGm%2FH83YR00FhkDy2iw570DmFpF7gIkpG48iIlLrXS49KczR%2BjfKQU9v%2BgeZa7h0SRrWhB"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61eebb48dad9-MIA
solido-constricted--normal--600.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/public/fonts/solido-constricted--normal--600.woff2
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dce58f0f3e3aed76124d0a7a87f6da517b1060b068cc87b6662332c6f4e673b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://foreignpolicy.com/_static/??-eJytk9GKAyEMRX9os7aFUvqw7KeUqJkZqZrBZFrm75uB7dLnwQfRYHKC3lz3nCFwVarqdKJC4gZulMYKM+cUVjgdjhc3L94CJ7pmy/Ao5G4FU/0utoLIl9vDGaxAeoACl5krbTSZsFHsDJ0II7XO0IqPNKImrp3BM4t2RireiR/UdqqFIrRp04wdWprt/KAauTmMEZQhYLYYG/hF1T7kr8BaONTg+/XzaRyY9b1DpAGXrH2mhMtOWwyEujS7/Hg3ZQrbcFjG6dBnLnDsYtsPZMHaH7oJ091tXD1ji6mO+8CiZtU3eKJNJYwCNrdNBcgz32HG9Yk5w79boLBPmQDjrSQJkGnEsG5tf8vP8XI4nw19vb4A+LcLxw==
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
17676
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 17 Jan 2024 14:29:58 GMT
server
cloudflare
etag
"65a7e466-450c"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcn3mt8AFkdRDL8LEp1WF77Y3hrPwHF8IKd4zCdvuORI5Wyd01z2J%2BnUWOImbF1JA4aBeucUxfFLHc3PvFGq9CXmh7rEweSphgswfsjGwFbbk803sZxzU7Y7C1DY%2B8q3LglzeS7qP9xWke8Xipi6"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f61eedb70dad9-MIA
2024-books-3-2.jpg
foreignpolicy.com/wp-content/uploads/2023/12/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/2024-books-3-2.jpg?resize=1000,667&quality=90
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070d8bd670eea1ef341be85c1de1348bfefee770ce6de3df577195093e544158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387170
x-cache
HIT
content-length
122016
x-xss-protection
1; mode=block
x-rq
mia3 80 86 443
referrer-policy
same-origin
last-modified
Mon, 01 Jan 2024 10:51:22 GMT
server
cloudflare
etag
"81a43709e33aff55"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B%2BzK6HAIAsaaf63gwN3bEGXSXD8Wwv7tKPvHAHKOBbYIO3nCF90jvpv3%2BoQA1Hezd%2F82joW%2FkVQY5HzPNcfx%2Bk0OhaKuSQO%2BXcZ1QtKWhfGb2O86u1d8NokYZIdhtKrCt3fsbZ%2FhLW%2FM3MJzf9x"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ef2ced8df4-MIA
Best-foreign-policy-books-2023.png
foreignpolicy.com/wp-content/uploads/2023/12/ 		377 KB
377 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/Best-foreign-policy-books-2023.png?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebde59b20fa4a976c52458a050d179d57a19a2b988c9b51c8ffa77c0724f2a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6572
x-cache
HIT
content-length
385688
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Mon, 25 Dec 2023 11:33:46 GMT
server
cloudflare
etag
"d1d67931ca28ae57"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRRF5tIqBVGEVHHOj8rDbVfGkfQ%2FFF6xwZoEqWrap1IpVkEWac5EFm1kP1PRQSKzjOfcN3YcGEjdpczhsDlCKQyOHi9NWFGRH0R1jHxsUOrPt1Q3l%2FuwGJZeCDhT3ksFZz99%2FKg3BFv5oFlbATIv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ef2cee8df4-MIA
Anansis-Gold-Yepoka-Yeebo-book.jpg
foreignpolicy.com/wp-content/uploads/2023/11/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/11/Anansis-Gold-Yepoka-Yeebo-book.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e9c016ded4fe1a26b448429937822a4afad1c8f53d7348eb9bee852dea5877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387170
x-cache
HIT
content-length
19788
x-xss-protection
1; mode=block
x-rq
mia3 86 83 443
referrer-policy
same-origin
last-modified
Wed, 27 Dec 2023 14:52:58 GMT
server
cloudflare
etag
"5fd2fd81faacb1a4"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOaOTQBHgIOvryKot5qtx%2BckLzvqh4jw9JxJ7Dq1sDxdtiyDJAQz%2Bm4fXYVNWdJu9A61LDkSpi0z3SnHpBVD25NTerLQVJbN%2BFSoDn%2FVPMYLNA2iqsdq4jqCfn7qB8NTxtfn8ndzx6zNhqMleW7V"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61ef2cef8df4-MIA
/
srv-2024-01-17-14.pixel.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2024-01-17-14.pixel.parsely.com/plogger/?rand=1705502732667&plid=25615900&idsite=foreignpolicy.com&url=https%3A%2F%2Fadmin.s21.lol%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fadmin.s21.lol%2F&sref=&sts=1705502732662&slts=0&title=Foreign+Policy+%E2%80%93+the+Global+Magazine+of+News+and+Ideas&date=Wed+Jan+17+2024+04%3A45%3A32+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=58027841&u=pid%3D2f7e1165e33cb957b9ac902599d645ab
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.207.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-207-29.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:32 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 17-Jan-2024 14:45:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=f8f2b7e8-a705-457e-bf1e-9e77bd7abcf0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f494f83-fe41-4cac-8d38-19776fcece48&tw_document_href=https%3A%2F%2Fadmin.s21.lol%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzlz2&type=javascript&version=2.3.29
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
8
date
Wed, 17 Jan 2024 14:45:32 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
44bb1dd75b0335f3
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
0acb08b76c8fdddbf0878ba4e7713b462b0441e850d2c2da8edc58302975e7f4
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f8f2b7e8-a705-457e-bf1e-9e77bd7abcf0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f494f83-fe41-4cac-8d38-19776fcece48&tw_document_href=https%3A%2F%2Fadmin.s21.lol%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzlz2&type=javascript&version=2.3.29
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
8
date
Wed, 17 Jan 2024 14:45:32 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
23a661331a8ff918
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
2ee04af3b08838670c7c79362fb36cbcfe98f9a8cd4f674162addd58dfd13ea2
content-length
43
tinypass.min.js
cdn.tinypass.com/api/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: foreignpolicy.com
URL: https://foreignpolicy.com/_static/??-eJy1le1O6zAMhm+ILICEED/QuRTkpKb1msYhdlbG1eNpDBAS0tlafqVW+z7+bvxcXOSsmNXrgBOKf+aK1GdXOFHcu9vrm3sPIqjipUYvsVKx54AD7Iir+JdGb5utXPkVWDRBj7KMJpT7hMpZfBOsrhBkXobcYe64+kD9M7Oezs1E+QxuacGMT2bkqXA2jX1dXKIdujez3cATOsid4xwYamfZnOno9wSg65yyi5DMhupCU6vTSbAVDxrDsrS+epnt7EGJ8/pEl3EWa7Jaf8X0rfyBDxnp0Jg8yl/AWzi8D+gURuQd1uVd/uYIZzeT9Xx2+GpFypA+Mvl/B6IWaTxMRZ84QLpI2pSS+MQ2cqJcbbsvx6xVnMg8EjrTyqXxPJXKr/sniNEgFxG2Lw3rfnOMZVlmxxpbRBPJKijRevjrrEBq9Zyx+bE3p2AojvsBocO6cBG/A2WAigFW2Loj9UOr3Nvls+4FBknd56T9mx5v7q/v7kz78LB9BxH74as=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
x-amz-version-id
H7a115WEqNXFo.QtnkpxpTVDitW2prKU
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
0MAM6YRDZV59PJXA
age
1980
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EYV9S+y0/1OXOtm1H5ZwwQrbNv6ywPQkjRunhZavDAeR01h8D9ftKDLFs7W35ankk0A9blGd2hA=
last-modified
Mon, 15 Jan 2024 07:11:57 GMT
server
cloudflare
etag
W/"aa1d660c48c990b14bcbd31be164beca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
846f61f09a796dad-MIA
expires
Wed, 17 Jan 2024 18:45:32 GMT
/
foreignpolicy.com/r/api/ip-access/ 		411 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/r/api/ip-access/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea66266dc936e979021869d3755ba6c9cb645fac40d529413959b8ec96d34c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
miss
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAyp6O9OUtg3OsUG2UVmA7O%2BpHzkVXgQ%2FIsWUh4kLcfLKsKh3U%2Bv%2BlMyFGP6JVIE6TRoeIHW3qHH6IEqB3Us7ItQ10eafBmoQGqdNaa7tJLJTogL89ufIOVJoGTSXhVsBr6dn970S3dEKBwINyUo"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0
x-frame-options
SAMEORIGIN
cf-ray
846f61efddacdad9-MIA
close-white.svg
www.foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/src/images/icons/ 		716 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/src/images/icons/close-white.svg
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc1a32502f4c87ae87449036864c81b1ca19ebe5c87a92774bd60e0ba723cd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396278
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Mon, 05 Dec 2022 15:30:49 GMT
server
cloudflare
etag
W/"638e0ea9-2cc"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF%2FXyonEvab8wlx9jBSx62%2BOaLxnwQ4848ZqObWDKODc9GEafsQutuJz4zDYMPGfmbBEp7F9KLdEKZy4h%2B%2BDNJQDhiHS9J8peeprRn4bzsQTQOVUxooSm3Kg88YxqI1qHZVYynhT%2FgbT%2FqZ%2FZNyxa7w7zg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61f00dd68df4-MIA
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdNhYkiAAAAAEo_IrOgwgJPQt4LnKpiSPXhUHxZ&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206076
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:34:15 GMT
homepage.1705075560.js
s.lngtdv.com/foreignpolicy/ 		139 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/foreignpolicy_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ef92675fbf09a157c46e086902cfc9e0e9920b048399e98eb1c04046722e0f2c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
gzip
x-age-lb
426228
x-amz-request-id
tx0000044b8ee2f7f587551-0065a1638a-85c8189-nyc
x-77-cache
HIT
x-accel-date
1705076505
x-77-nzt
A5ySJBY3Nzf/9IAGALk73xQ3Nzf/jwMAAJySOhedExYA
x-accel-expires
@1736611594
x-77-age
427139
x-cache-lb
HIT
last-modified
Fri, 12 Jan 2024 16:06:06 GMT
server
CDN77-Turbo
etag
W/"902e7572c0a7df51d598a94f242c929b"
x-77-nzt-ray
1e192d084e8180880de8a765636a0b01
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=162972146&post=997852&tz=-5&srv=foreignpolicy.com&hp=vip&j=1%3A12.9.3&host=admin.s21.lol&ref=&fcp=1126&rand=0.0883822422885121
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:32 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
foreignpolicy.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
396990
x-cache
HIT
x-xss-protection
1; mode=block
x-rq
mia3 123 243 443
referrer-policy
same-origin
last-modified
Wed, 06 Dec 2023 23:24:04 GMT
server
cloudflare
etag
W/"65710294-4904"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3p41DeDvYXBYQqPYg3PVLCpNy8QwTsQEBUR%2Bjk94xm3Xv%2FJbEE931GYjApfdrzQedUuzTrGXd9nbunRrAbugt441gGi8zfBjDAIepxHYbJfgOx32DcU7EiEaBb6murRtZ%2BrJTP2RH7t%2BheUjtaG0"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
846f61f01df08df4-MIA
js
www.googletagmanager.com/gtag/ 		337 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T5CKP06L0Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVBCHJC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2d467f355b64a47bf2ff9939d2111a961d4a6d591c977bece7e75bdf0c7c186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
110039
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 14:45:32 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVBCHJC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:8::1728:b316 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jan 2024 16:29:26 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=83956
accept-ranges
bytes
content-length
15732
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVBCHJC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 17 Jan 2024 14:45:32 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 73875E547D4C4A97B1B3D657C8582A36 Ref B: MIAEDGE2507 Ref C: 2024-01-17T14:45:33Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
fbevents.js
connect.facebook.net/en_US/ 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 14:45:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
RX3iTLcMPELo0EO7cCfIcbxjGwdTLWNBCC2wzR6ZGM4Nv6KIC/1OOx9AFPyl/eCJjywUn5+eKWkXDw0rSzgh2Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fkdmmngnjg
www.clarity.ms/tag/ 		650 B
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fkdmmngnjg?ref=gtm2
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90a4e634fae457b5b5a5a44bd88844186df3cb9593937c80465733e09a266e59

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
-1
date
Wed, 17 Jan 2024 14:45:33 GMT
x-azure-ref
20240117T144533Z-80sbm8bve50mp8swbgg38ncm9s00000004a000000000fddk
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVBCHJC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-113.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:41:18 GMT
content-encoding
gzip
via
1.1 16490f661d04b5f69e5cda7988ce930a.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
256
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
GGrY7OqE9oOlBZzUXAO2MQ27x2eFzMQhK8t28kraDUevj8Ga-APQog==
marfeel-sdk.js
sdk.mrf.io/statics/ 		160 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=3439
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62199c755872c6357ad3e83df67427de0aeac1bec63741b36b2a8968df6d0c91

Request headers

Referer
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
5ms
date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 17 Jan 2024 14:45:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
11
accept-ranges
bytes
cf-ray
846f61f1c9dd8df0-MIA
alt-svc
h3=":443"; ma=86400
content-length
46539
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVBCHJC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 13:51:45 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3228
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jan 2024 15:51:45 GMT
index.js
cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.7.1/dist/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.7.1/dist/index.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVBCHJC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f635cc11075c6c748d78bf5ff56f84c94229a01a3224368a674a25ea0c98aa4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jan 2024 14:45:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
7312868
x-jsd-version
3.7.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10254
x-served-by
cache-fra-etou8220036-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type
version
etag
W/"6153-3ZIgkRGikngRf9tOJUsS9US5pnQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
adsct
t.co/1/i/ 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=1eb5cd07-4784-4291-9626-e8bb3446e834&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f494f83-fe41-4cac-8d38-19776fcece48&tw_document_href=https%3A%2F%2Fadmin.s21.lol%2F&tw_iframe_status=0&txn_id=nzlz2&type=javascript&version=2.3.29
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
95
date
Wed, 17 Jan 2024 14:45:32 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
c47969a36ad54233
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
0acb08b76c8fdddbf0878ba4e7713b462b0441e850d2c2da8edc58302975e7f4
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=1eb5cd07-4784-4291-9626-e8bb3446e834&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f494f83-fe41-4cac-8d38-19776fcece48&tw_document_href=https%3A%2F%2Fadmin.s21.lol%2F&tw_iframe_status=0&txn_id=nzlz2&type=javascript&version=2.3.29
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
9
date
Wed, 17 Jan 2024 14:45:32 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
b1e8524d4d4d4c53
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
2ee04af3b08838670c7c79362fb36cbcfe98f9a8cd4f674162addd58dfd13ea2
content-length
43
analytics-browser-gtm-2.3.2-min.js.gz
cdn.amplitude.com/libs/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/analytics-browser-gtm-2.3.2-min.js.gz
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.7.1/dist/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-222.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
713f511fa78bacaf5b56ed62bd685d4da42bd60a5967089dd43b782e911936c7

Request headers

Referer
Origin
https://admin.s21.lol
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 13:03:09 GMT
content-encoding
gzip
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-version-id
Ap9TxTr1jd.uBxfyAyxlFgHmKx7DI9a_
x-amz-cf-pop
JFK50-P6
age
6145
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17453
last-modified
Tue, 26 Sep 2023 21:10:41 GMT
server
AmazonS3
etag
"ec3bbf1e314398aa76e6ddc00b60ec6d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
zmlbq7YC36NH_gd6lLNCVT4gS9qmJfSCwg_hj6Z2YnFyuT441TU6JQ==
187092000.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/187092000.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
76c9d6b03da634dc0afd4d24211479bc5347b777fd7f7e1b71d884a26fb64f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Wed, 17 Jan 2024 14:45:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 008B255424734E01B208408C279E70CC Ref B: MIAEDGE2507 Ref C: 2024-01-17T14:45:33Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187092000&tm=gtm002&Ver=2&mid=996d3fe9-90b6-41d6-9c32-bcad11fd0c84&sid=113c5c10b54711ee8f7c1d930f7ff223&vid=113c7290b54711eead31f181a8e870e1&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&p=https%3A%2F%2Fadmin.s21.lol%2F&r=&lt=1559&evt=pageLoad&sv=1&rn=128083
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jan 2024 14:45:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 346C186EE2F848B1941CC04B1495AF44 Ref B: MIAEDGE2507 Ref C: 2024-01-17T14:45:33Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/327454172/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/327454172/?random=1705502733232&cv=11&fst=1705502733232&bg=ffffff&guid=ON&async=1&gtm=45je41a0v867730941z879187108&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fadmin.s21.lol%2F&hn=www.googleadservices.com&frm=0&tiba=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&auid=1099845309.1705502733&uamb=0&uaw=0&data=event%3Dgtag.config%3Bauthor%3D%3Bcategory%3D%3BdatePublished%3D2020-03-16%3Beditor%3D%3Btags%3D%3Bvertical%3D%3BpageType%3DMiscellaneous%3Bads_blocked%3Dfalse%3BinMagazine%3D%3Bcontent_group%3DMiscellaneous%3Bcontent_group2%3D&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5CKP06L0Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bf60b6a71cf6ec67c5a9772b02fc160aae7b050b7351519ef877b6662171f5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1393
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-T5CKP06L0Y&gtm=45je41a0v867730941z879187108&_p=1705502732210&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1281492989.1705502733&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1705502733&sct=1&seg=0&dl=https%3A%2F%2Fadmin.s21.lol%2F&dt=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&en=page_view&_fv=1&_nsi=1&_ss=1&ep.author=&ep.category=&ep.datePublished=2020-03-16&ep.editor=&ep.tags=&ep.vertical=&ep.pageType=Miscellaneous&ep.ads_blocked=false&ep.inMagazine=&ep.content_group=Miscellaneous&ep.content_group2=&tfd=2063
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5CKP06L0Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T5CKP06L0Y&cid=1281492989.1705502733&gtm=45je41a0v867730941z879187108&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5CKP06L0Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1296::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Wed, 17 Jan 2024 15:45:33 GMT
geofloors.json
floors.lngtd.com/ 		2 KB
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://floors.lngtd.com/geofloors.json?account=foreignpolicy&section=homepage
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-18.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b41f1abd72d3d572a2369eb4fe60701587c8322b977c2ab1168977085fe9f37e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:35:55 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P6
age
579
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
public, max-age=1800
x-amz-cf-id
MYEE1UB-OaAYi-6L8tvbff4rlUS_8Ltl9iWyEcbqLQLgKxXm4B7xvg==
anchor
www.google.com/recaptcha/api2/ Frame 6F56 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNhYkiAAAAAEo_IrOgwgJPQt4LnKpiSPXhUHxZ&co=aHR0cHM6Ly9hZG1pbi5zMjEubG9sOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=krfq24itwltj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a5b862320b5dcd29d3612ef50c8b93a96186f11d434f749e32abd2d83b87ee5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wyyLP4unK7fqwFAj7EuRTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wyyLP4unK7fqwFAj7EuRTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:45:33 GMT
expires
Wed, 17 Jan 2024 14:45:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fkdmmngnjg?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
br
last-modified
Mon, 15 Jan 2024 09:28:11 GMT
etag
W/"0x8DC15AC4AC3CD45"
vary
Accept-Encoding
x-azure-ref
20240117T144533Z-80sbm8bve50mp8swbgg38ncm9s00000004a000000000fdg0
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
aaf4d4ca-e01e-002c-17c0-47c274000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
187092000
www.clarity.ms/tag/uet/ 		841 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/187092000?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/187092000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81c9726bbfd3befdb7dcf5b865de0d0039fcea001000e08b32d7e402f4792a62

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
-1
date
Wed, 17 Jan 2024 14:45:33 GMT
x-azure-ref
20240117T144533Z-80sbm8bve50mp8swbgg38ncm9s00000004a000000000fdg1
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
841
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
www.google-analytics.com/j/ 		16 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=584931854&t=pageview&_s=1&dl=https%3A%2F%2Fadmin.s21.lol%2F&ul=en-us&de=UTF-8&dt=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1456770473&gjid=1588585813&cid=1281492989.1705502733&uid=&tid=UA-6874192-49&_gid=775211254.1705502734&_r=1&_slc=1&gtm=45He41a0n81KVBCHJCv79187108&cg2=&cg3=&cd2=0&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=%2F&cd9=2020-03-16&cd10=&cd11=&cd12=&cd13=Miscellaneous&cd14=&cd16=&cd17=&cd18=null&gcd=11l1l1l1l1&dma=0&z=1539567927
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e429813cba2300e439fff875afb5d9631f03730fe595303522788725bee37d81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=584931854&t=pageview&_s=1&dl=https%3A%2F%2Fadmin.s21.lol%2F&ul=en-us&de=UTF-8&dt=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=824655686&gjid=2146075753&cid=1281492989.1705502733&uid=&tid=UA-6874192-41&_gid=775211254.1705502734&_r=1&_slc=1&gtm=45He41a0n81KVBCHJCv79187108&cd2=LID&cd3=RGRP&cd4=VID&gcd=11l1l1l1l1&dma=0&z=670029953
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1614889%26time%3D1705502733568%26url%3Dhttps%253A%252F%252Fadmin.s21.lol%252F%26c...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQK8OjllY6REGgAAAY0X4nc0SopGkokwZR3UjMGif7kdiG3...
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQK8OjllY6REGgAAAY0X4nc0SopGkokwZR3UjMGif7kdiG3lZCNLed-7GzeN3L1m1tu4U5I
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: EF9B07FDC2A24061A0C37B462E0D44C6 Ref B: MIAEDGE1522 Ref C: 2024-01-17T14:45:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPJUymFlRFbe95tt7P/g==

Redirect headers

date
Wed, 17 Jan 2024 14:45:33 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 3BD17233DB6941DAACF16700ACFB8FEA Ref B: MIAEDGE2717 Ref C: 2024-01-17T14:45:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614889&time=1705502733568&url=https%3A%2F%2Fadmin.s21.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQK8OjllY6REGgAAAY0X4nc0SopGkokwZR3UjMGif7kdiG3lZCNLed-7GzeN3L1m1tu4U5I
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPJUyhjIIPKpWQ79RRlQ==
pageview
api.sail-track.com/v1/track/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-track.com/v1/track/event/pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.104.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://admin.s21.lol
access-control-max-age
1800
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Wed, 17 Jan 2024 14:45:33 GMT
pageview
api.sail-track.com/v1/track/event/ 		120 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-track.com/v1/track/event/pageview
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.104.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash
f67673dc2021a2da452b195f4e384f515dc2e05df9dd66048e821b6544cba173

Request headers

Accept
application/json
Referer
X-Lib-Version
v1.0.1
accept-language
en-US,en;q=0.9
Authorization
Bearer 2865c3fe7ed521383f3e189a035e04c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
allowedorigins
*
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
120
initialize
api.sail-personalize.com/v1/personalize/ 		91 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
edfe2a20da16edefda1bae58e448d83ec297cee6c953677601dae335deb02fac

Request headers

x-lib-version
v1.0.1
accept-language
en-US,en;q=0.9
authorization
Bearer 2865c3fe7ed521383f3e189a035e04c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
accept
application/json
Referer
x-referring-url
https://admin.s21.lol/

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
91
initialize
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://admin.s21.lol
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Wed, 17 Jan 2024 14:45:33 GMT
verify
id.tinypass.com/id/api/v1/identity/token/ 		193 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=lrhwaj9zuu9prvvb&page_view_id=lrhwaj9z2qpjezfr&content_type=article&page_title=Foreign+Policy&callback=jsonp3840&client_id=beVmoi3WRm&site=https%3A%2F%2Fadmin.s21.lol
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0776fc3e3b47bfb421e93599468a9766d463fa4230ff58c76c969199a868fa17
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mxbue7sZUyF
pragma
no-cache
wn
prod-id-10-0-140-36
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
server-time
0.000
cache-control
no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
846f61f568fd6dad-MIA
access-control-allow-headers
origin, content-type, accept, authorization
expires
Thu, 01 Jan 1970 00:00:00 GMT
203988873637408
connect.facebook.net/signals/config/ 		141 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/203988873637408?v=2.9.140&r=stable&domain=admin.s21.lol
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5e74787b4b077fea39c89df5a529ba9e93ba3c9d364549fa5b6d1a870566217
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 14:45:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
IL4xyx3R0MV9d9dPXHAabJ4wjpAes0C6IP55ZTtiwz7nz42pUpQAtJVcjq7lFyxokhx/zabCql185mud/8LrfQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 6F56 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNhYkiAAAAAEo_IrOgwgJPQt4LnKpiSPXhUHxZ&co=aHR0cHM6Ly9hZG1pbi5zMjEubG9sOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=krfq24itwltj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 10:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 10:58:22 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 6F56 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNhYkiAAAAAEo_IrOgwgJPQt4LnKpiSPXhUHxZ&co=aHR0cHM6Ly9hZG1pbi5zMjEubG9sOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=krfq24itwltj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206076
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:34:15 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6874192-49&cid=1281492989.1705502733&jid=1456770473&gjid=1588585813&_gid=775211254.1705502734&_u=YCDACEAABAAAACAAI~&z=1774136003
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Jan 2024 14:45:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1T05LPL754&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
253105795d9d1def127bc5d640c9a32b7fdcfe5b2cc06e0be85758b2b53aa2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86374
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 14:45:33 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6874192-41&cid=1281492989.1705502733&jid=824655686&gjid=2146075753&_gid=775211254.1705502734&_u=YCDACEABBAAAACAAI~&z=1794431816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Jan 2024 14:45:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/327454172/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/327454172/?random=1705502733232&cv=11&fst=1705500000000&bg=ffffff&guid=ON&async=1&gtm=45je41a0v867730941z879187108&u_w=1600&u_h=1200&url=https%3A%2F%2Fadmin.s21.lol%2F&frm=0&tiba=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&data=event%3Dgtag.config%3Bauthor%3D%3Bcategory%3D%3BdatePublished%3D2020-03-16%3Beditor%3D%3Btags%3D%3Bvertical%3D%3BpageType%3DMiscellaneous%3Bads_blocked%3Dfalse%3BinMagazine%3D%3Bcontent_group%3DMiscellaneous%3Bcontent_group2%3D&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_VlmDk_2KUwxSyVidfcYLnmMD6alOSA&random=2078995057&rmt_tld=0&ipr=y
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1296::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5017f1aa960a09da1d30dd2258b7a6c134317bbc9b1fd9a4929caf7f3aa5ea92

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 13:04:16 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37198
Expires
Wed, 17 Jan 2024 15:45:33 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6874192-41&cid=1281492989.1705502733&jid=824655686&_u=YCDACEABBAAAACAAI~&z=1849427189
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		50 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3439
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.93 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
execute
c2.piano.io/xbuilder/experience/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=beVmoi3WRm
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5dbe11ff15ed0b7bad65f9a3b601cbd79edde3ceea704784503b78ecdfaba0c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
yd9g7l1pqh
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
846f61f80c1c09ca-MIA
collect
t.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://admin.s21.lol
Date
Wed, 17 Jan 2024 14:45:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=203988873637408&ev=PageView&dl=https%3A%2F%2Fadmin.s21.lol%2F&rl=&if=false&ts=1705502733966&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1705502733963.1357983515&cs_est=true&ler=empty&it=1705502733654&coo=false&rqm=GET
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 17 Jan 2024 14:45:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1T05LPL754&gtm=45je41a0v9125592234&_p=1705502732210&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1281492989.1705502733&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fadmin.s21.lol%2F&dt=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&sid=1705502734&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=0&ep.ua_dimension_8=%2F&ep.ua_dimension_9=2020-03-16&ep.ua_dimension_13=Miscellaneous&ep.ua_dimension_18=null&tfd=2808
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1T05LPL754&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1T05LPL754&cid=1281492989.1705502733&gtm=45je41a0v9125592234&aip=1&dma=0&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1T05LPL754&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6F56 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 08:19:26 GMT
x-content-type-options
nosniff
age
109568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 23 Jan 2024 08:19:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6F56 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNhYkiAAAAAEo_IrOgwgJPQt4LnKpiSPXhUHxZ&co=aHR0cHM6Ly9hZG1pbi5zMjEubG9sOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=krfq24itwltj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 04:04:47 GMT
x-content-type-options
nosniff
age
124847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 04:04:47 GMT
sp1.html
cdn.cxense.com/ Frame E8C3 		456 B
683 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1296::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Wed, 17 Jan 2024 14:45:34 GMT
Expires
Sat, 27 Jan 2024 14:45:34 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
X-Check-Cacheable
YES
c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a
config.aps.amazon-adsystem.com/configs/ 		564 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-10.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
ca2aff9c6f85931e52a6397a6cb56ab02019f5ca20bcaac9789e8ebe32df1f80

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 13:47:11 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
3503
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
Ou_COBCdOHqGHyVZa6wpSv93VuBKu2zylPKy6-Sq_aVg0U9PjBgxUw==
publisher.js
client.aps.amazon-adsystem.com/ 		261 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-113.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b70d5f158ad9fb8db0a1c335114075558d819212c80ce6d0aca87c348afb174

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:27:05 GMT
content-encoding
br
via
1.1 2435a43ad9e6173e7352a49a09dd01b0.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
1110
x-amz-server-side-encryption
AES256
etag
W/"43cf1e7a2beb2adb8dd9e6250dd28a33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KRicbVIZIlELyliJhWYP7FSJ_3bhWHBeXczNNT2WT2COQ89tUyetBA==
prebid8.30.0.1705075539.min.js
s.lngtdv.com/prebid/foreignpolicy/ 		540 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
647d064c62215de0fe962b7f26088a919aa1e4ecaf4f890e95f0fa528ea73bb2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
x-age-lb
426955
x-amz-request-id
tx00000d11f99f21eecbcf2-0065a16369-857b320-nyc
x-77-cache
HIT
x-accel-date
1705075779
x-77-nzt
A5ySJBY3Nzf/y4MGAJySO+I3Nzf/2gAAAJySOhfMe74A
x-accel-expires
@1736611561
x-77-age
427173
x-cache-lb
HIT
last-modified
Fri, 12 Jan 2024 16:05:39 GMT
server
CDN77-Turbo
etag
W/"b7910a649e76e5b9dd447c3d5133cdfa"
x-77-nzt-ray
1e192d084e8180880ee8a76528d7ca0f
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f84824de02b0889bddb0e115ff6f3bd2e3a4b673594a75826f6c93d19d2cb64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29314
x-xss-protection
0
server
cafe
etag
315 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:45:34 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 24 Jan 2024 14:45:34 GMT
cx.js
cdn.cxense.com/ Frame E8C3 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1296::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
016cfe0b96956c2f101343dfb7500aaa91c4f9eea53995d9fe74db811c010616

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 13:04:16 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37198
Expires
Wed, 17 Jan 2024 15:45:34 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fadmin.s21.lol%2F&domain=admin.s21.lol&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 17 Jan 2024 14:45:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
218379
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240117
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d279a8f3340240ea270cd06bf0a845a4e83671a924833fb7cdb7f9d115d8860d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jan 2024 14:45:34 GMT
x-content-type-options
nosniff
content-encoding
br
age
38686
x-jsd-version
1.0.1937
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
849
x-served-by
cache-fra-eddf8230103-FRA, cache-mia-kmia1760091-MIA
x-jsd-version-type
version
etag
W/"639-fEVUyCOkUkC6Kps16R0PB+wYg0s"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=8.30.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=8.30.0&coppa=0&b=1&g=TgWIn7B2EFHTNYRLh9jVex3EwfW%2BHVxrYzwQn7GwOZE%3D
42 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=8.30.0&coppa=0&b=1&g=TgWIn7B2EFHTNYRLh9jVex3EwfW%2BHVxrYzwQn7GwOZE%3D
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 17 Jan 2024 14:45:34 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://admin.s21.lol
location
https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=8.30.0&coppa=0&b=1&g=TgWIn7B2EFHTNYRLh9jVex3EwfW%2BHVxrYzwQn7GwOZE%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fadmin.s21.lol%2F&domain=admin.s21.lol&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=GYWCaXx2OEtRRDBGY1d0Y0VpQXN6d01OTlB6Qk5qMHdwNjFVVEZhSWlkcWozVFdOY3ZDMzhqWkp0dGpRZGE5UkNzZnZWTm1tUm5WQjR0UENFSlJzd21Od2NNdW8yS0c0alpEUTMvY3VFaGo1OUw0bVc2bFRJYlhidVBxTE...
335 B
981 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GYWCaXx2OEtRRDBGY1d0Y0VpQXN6d01OTlB6Qk5qMHdwNjFVVEZhSWlkcWozVFdOY3ZDMzhqWkp0dGpRZGE5UkNzZnZWTm1tUm5WQjR0UENFSlJzd21Od2NNdW8yS0c0alpEUTMvY3VFaGo1OUw0bVc2bFRJYlhidVBxTEdNSERrUFZ4Sk5Oa1lEelpMc29KOTM0YStJT2xKamtma2VSZ016bGRsZFE3RzhxaTBWdTdPNjNvTXRxWVJaeVlQQVN5RXNGSWpUS1I2aFNVMWRtNTQxOHFaL2hJVldabEVVUlhoV3lyZ044c3AvenNweFhYNDVTQUFDam1qY21lN0FNbExuK0hxfA&cppv=2
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cd5fbe23fecd5281f2450fde2cf6f69c715b68d1dd69f907066315e3ecfbc9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
991335
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://admin.s21.lol
location
https://mug.criteo.com/sid?cpp=GYWCaXx2OEtRRDBGY1d0Y0VpQXN6d01OTlB6Qk5qMHdwNjFVVEZhSWlkcWozVFdOY3ZDMzhqWkp0dGpRZGE5UkNzZnZWTm1tUm5WQjR0UENFSlJzd21Od2NNdW8yS0c0alpEUTMvY3VFaGo1OUw0bVc2bFRJYlhidVBxTEdNSERrUFZ4Sk5Oa1lEelpMc29KOTM0YStJT2xKamtma2VSZ016bGRsZFE3RzhxaTBWdTdPNjNvTXRxWVJaeVlQQVN5RXNGSWpUS1I2aFNVMWRtNTQxOHFaL2hJVldabEVVUlhoV3lyZ044c3AvenNweFhYNDVTQUFDam1qY21lN0FNbExuK0hxfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
474969
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b70e8bc8bed5c54cb33271828fc71d008c98b6ee44a2cf47269b13e9124bbae8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
any
idx.liadm.com/idex/did-0041/ 		50 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-0041/any?duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&did=did-0041&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.182.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-182-250.compute-1.amazonaws.com
Software
/
Resource Hash
14a4190eafa53f3e66df6e2c63b6e1243a217e9ee69040dc49087e79610573fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
26
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
6e912b45a2b14d4e
content-length
50
expires
Thu, 18 Jan 2024 14:45:34 GMT
id
id.crwdcntrl.net/ 		74 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fb3510049e9bcf7a2d2d76aa473bbb4f3ab8e277b840b78c25ed5cfac74d0e6d

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache
x-server
10.40.63.18
access-control-allow-credentials
true
content-length
74
expires
0
rid
match.adsrvr.org/track/ 		109 B
564 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=wq4ba1k&fmt=json
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
4d3a609f74c4fa47b7159c3e011b8312462557c5d4c477cd8d9475812da32254

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 16 Feb 2024 14:45:34 GMT
tag
btloader.com/
Redirect Chain
  • https://longitudeads-com.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=longitudeads-com&upapi=true
55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=longitudeads-com&upapi=true
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1197f0248eeadf9023585c4481e30c2802220f7f584da2ab2db7242407e8991

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 14:38:22 GMT
server
cloudflare
age
273
etag
"f80dbc3f1e0c4dec401f7c50f7f6819a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
846f61fcda26dacd-MIA
content-length
18940

Redirect headers

date
Wed, 17 Jan 2024 14:45:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtF96NL%2FcEl0zNwNJfyAsLzdeQWxBVvEOWaHCrvjrjpg%2Bzsjef9q%2BloQMRu7xJcUoZ6eOc6oZgTgrrfVkj5JhBI9GOHo251E29hrNR99SB53wYW1qCfUBdPU6txDn2Bhg%2Fmthp0uYLS7ID7vTID4j3aM8LVeRk9uJ%2FkgWIh8q7jU"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=longitudeads-com&upapi=true
cache-control
max-age=3600
cf-ray
846f61fbcc505c7b-MIA
expires
Wed, 17 Jan 2024 15:45:34 GMT
config.js
cdn.confiant-integrations.net/Uqfng6SIblYVzF0oRTC6BG3-Iuk/gpt_and_prebid/ 		139 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Uqfng6SIblYVzF0oRTC6BG3-Iuk/gpt_and_prebid/config.js
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52468c1e4b5f33e1a3f9efebce3ffc189eacd7eb07c099288852094ba32a2689

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 14:27:25 GMT
server
cloudflare
x-amz-request-id
CMB0SXV8PE2JXRSM
age
343
etag
W/"967b860765544bf40a3f3f73297fb886"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
846f61fc2eb38dee-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
THG5zJiFHmy/BsCyY0P3pq5P/CBP7UP6s0LnR84QHCAyrKVF5ZHgfyVX70lj0GY8N05nYIhR4YY=
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1755044
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAMc5%2BGIDxCUztoej2EcYyt6KDC9QSNN5dpwf%2BGz46CPFIa9HWS6L5oZ82wiSP5x4WYHN%2B62zLeq3mMb%2FObcSCYb%2BRnEjXFS8YUCILtz0pR7GeAortS10w5UgedTVYieZhMM%2FOGJKzJDhuVR"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
846f61fc1da89ac0-MIA
translator
hbopenbid.pubmatic.com/ 		0
114 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
0542456f28811bc742ee71f89d9aef640739063297d1225d092747a6f767b023

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
tlx.3lift.com/header/ 		19 B
602 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.30.0&referrer=https%3A%2F%2Fadmin.s21.lol%2F&tmax=2000
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.239.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-239-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		401 B
913 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13708&site_id=327944&zone_id=1716124&size_id=2&alt_size_ids=55&rp_schain=1.0,1!longitudeads.com,9377,1,,,&eid_pubcid.org=62f14601-abe1-4f6c-9177-11f2586b1d20%5E1&rf=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.domain=admin.s21.lol&tg_i.page=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.pbadslot=%2F7971222%2FHomepage_D_1&tk_flint=pbjs_lite_v8.30.0&x_source.tid=41d10188-abce-4ba2-8f0e-9077f10c1b68&l_pb_bid_id=8365bfeccec145&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1a0e40a8-e8b5-4b4f-8346-3df427872ce1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F7971222%2FHomepage_D_1&m_ch_mobile=%3F0&slots=1&rand=0.8478935478989047
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eb67f52179b58500e52dfbb683f96f21020eb32b6854075ed1d9a4136b16cb90

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
401
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
846f61fc28fdda93-MIA
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=522350
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb420698455ab8212d58f448a6a652770e6ab6780934783a037404321150bc4

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjNy4dQY5%2FMTi895lTeWIkcEossCNCVLgwyrBXTC2sh5EwJJkSyJPJFinZK3sjT26QvhdxHOvKknHIFOA4BAEq%2FNWKbQR06sJSSZ23FDzkGhzMH2urdjV%2F1G92ikPmEqqAupyMbd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846f61fc2ad76dd4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.30.0&cb=34766050314&lsavail=1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
699 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
1d00dc2ff117d931e9690b87a87276cbdc863859fa76973808ffa73d4d5b41a0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
an-x-request-uuid
8c65b8aa-9e6a-44a2-822b-594abeefd973
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.30.0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
3abbf3e01fec2b1b07784f58b57cc6292da397e5e639b1f0bd16adf00a910f60

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://admin.s21.lol
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
hbjson
grid.bidswitch.net/ 		24 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.156.215 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
215.156.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4ad4e3bab4039addd3237c9e6c56b73d93819589aea0f7eaf248a89cf36322c0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
tlx.3lift.com/header/ 		19 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.30.0&referrer=https%3A%2F%2Fadmin.s21.lol%2F&tmax=2000
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.239.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-239-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.156.215 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
215.156.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7f5f0eed87205e880e30eb49e66a8e74ec330a6966b0f66a9210f49d872aebf4

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
306 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=522351
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c39b79ed16ea6aa0dd67bd85368939e29a863ed2e4e69416c909d6cd06aa907

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgGs04Ymvh36X7QM2SWrNrkaAfuJPMFnwBcYDu3Sv1N%2FWQTcNGmzAPPL6FYahbnWc4b5eQB5HPd8zC3TVsx830DocxyVvcJrnCoAnpTjwB2v6QhCUWaimaRaVrv1Bvvc8c69CD5G"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846f61fc2ada6dd4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		401 B
742 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13708&site_id=327944&zone_id=1716126&size_id=2&alt_size_ids=55&rp_schain=1.0,1!longitudeads.com,9377,1,,,&eid_pubcid.org=62f14601-abe1-4f6c-9177-11f2586b1d20%5E1&rf=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.domain=admin.s21.lol&tg_i.page=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.pbadslot=%2F7971222%2FHomepage_D_2&tk_flint=pbjs_lite_v8.30.0&x_source.tid=6db7e266-2cd2-4472-85ee-969a1dd5b8ae&l_pb_bid_id=31c00a9f3c0f38&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=df6e11f3-dafc-43e8-8295-00b03375e98e&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F7971222%2FHomepage_D_2&m_ch_mobile=%3F0&slots=1&rand=0.13711911691482181
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
465f1cf60cab9ad13882c020118163dedbf3f5b731e0e9b0dee3c7082bca0545

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
401
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		0
40 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
846f61fc2900da93-MIA
expires
0
bid
ap.lijit.com/rtb/ 		24 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.30.0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
de6e28a699826bd6e475986eb70e24390c84c8a279a1d4a246462141c8743dce

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://admin.s21.lol
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ 		0
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.30.0&cb=83611971257&lsavail=1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
699 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5e46116ebab6613e95042e11ecc8fe036bcb0a4e641e58cd1af7cecdcf4276d1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
an-x-request-uuid
6ac77060-7537-4859-b932-8dd50126c16d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2ba4c4a12ce8d0abe1d849b8f20dd63f1c413fcb27f3c8d9997a26564af01ced

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=522352
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
890531a55c73529e845df7cc49af6d29c4e778e21c9dcb8baa4c55aa5735b353

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFv%2FrVZQE37f8KKFHsiqo94d4tGgpqHD9g%2FgyMBqkbmCij2L99Gk%2Bm8TYWs8sffSeGNsN68VruHcz5dMe84jPdEJDuj6IiWoY9E3VO9UBIsDnaWfSsxoWaBzELlJoqQmtAJreDFb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846f61fc2adb6dd4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
247 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f69d146e46487203d760f9ef3f5e28594753338c080a281b938931dc64f3b137

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
mp.4dex.io/ 		0
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
846f61fc2901da93-MIA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
699 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0862f105373ec9f6beb9ae3f81535bfbf6e1023512d4c45300eec20c590c4df8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
an-x-request-uuid
c58e0edf-4984-4057-9297-41e743927021
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.30.0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
7ad3c5b45741ca076a35027665ccea7b708f57b1a4b528c9fdf73e1801984bf4

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://admin.s21.lol
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
hbjson
grid.bidswitch.net/ 		24 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.156.215 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
215.156.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9480246304b0b1b9ba76778d9fc56a17a1e8f1f8d4e1220b155deb20893ccd6d

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
tlx.3lift.com/header/ 		19 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.30.0&referrer=https%3A%2F%2Fadmin.s21.lol%2F&tmax=2000
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.239.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-239-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		401 B
740 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13708&site_id=327944&zone_id=1716128&size_id=2&alt_size_ids=55&rp_schain=1.0,1!longitudeads.com,9377,1,,,&eid_pubcid.org=62f14601-abe1-4f6c-9177-11f2586b1d20%5E1&rf=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.domain=admin.s21.lol&tg_i.page=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.pbadslot=%2F7971222%2FHomepage_D_3&tk_flint=pbjs_lite_v8.30.0&x_source.tid=ab89c114-8138-43e4-9ca7-41a2de8d62ca&l_pb_bid_id=65c8c8f2e4eff7e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4d3715e3-24c1-4eae-bab3-7b3bb432694e&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F7971222%2FHomepage_D_3&m_ch_mobile=%3F0&slots=1&rand=0.12429617486478262
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
53ed08ab5ff51b7d1859784999022c1fa15550368f34c941b0a6c06ba898ccf4

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
401
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.30.0&cb=96681841066&lsavail=1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.30.0&referrer=https%3A%2F%2Fadmin.s21.lol%2F&tmax=2000
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.239.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-239-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=522353
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7704dbc9fa23136af5c961006029ad700a35789183f7ae765bd499525ae0fbc1

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC6R%2FRGXIkhacnWEMM98txmvZ84Crq%2B7%2BqH3Zu2cmmfpsbRKU%2Fu61iubfpXRCBvugkFpZCA7bZovvu%2FdprcVNqLSA8kFpBqNirljicxGGVV4MTfVy1XZOc2lRI2ttZJvkhDnKO1D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846f61fc2add6dd4-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.30.0&cb=37160100560&lsavail=1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1a134cbceab3573c55270f8d8997f506cb707f7fd8b3e3e568d0c6cb0f5acfc2

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		382 B
723 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13708&site_id=327944&zone_id=1716130&size_id=15&rp_schain=1.0,1!longitudeads.com,9377,1,,,&eid_pubcid.org=62f14601-abe1-4f6c-9177-11f2586b1d20%5E1&rf=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.domain=admin.s21.lol&tg_i.page=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.pbadslot=%2F7971222%2FHomepage_D_4&tk_flint=pbjs_lite_v8.30.0&x_source.tid=ac4a833c-80c2-4fd9-84c0-687b291fc04f&l_pb_bid_id=81a5673be642cee&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f8fd7892-d2b7-4ff7-9c93-9a817aeb1113&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F7971222%2FHomepage_D_4&m_ch_mobile=%3F0&slots=1&rand=0.04894725412310175
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
053168598b145ef6114725fc34fe54ce5cb52dbcafd76465b4d8a502cb0328f1

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
382
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
846f61fc2904da93-MIA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
699 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
012d62c360534f50cc3148d29cdf1ab4b55212cd0d0583a3f9f2bc3ec9019a43
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
an-x-request-uuid
0662897f-4802-48e5-8fcf-b4e3f468b930
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.156.215 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
215.156.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ca8965a4a9c691d4bf031ea97684f63b0e45bbaaa64887b248e9ffc800b5bcd

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bid
ap.lijit.com/rtb/ 		24 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.30.0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
d36cf570a5676b99c7e67e3b4d0dfa5f0f317a8061cb4dfba9c93638296e7058

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://admin.s21.lol
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=522354
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd7eae3e19f7ea074d71fc3458ea4e14aabb48b66d960286bdd40196c95632f

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TuuSV07hOm1Q83kv9O9qKJPMXZTbeZrFgR7ivw2kXCauEc7VyfQDaIBTZtonpVBxR%2Br98em97re09UDpp2oghWv8U4g9HPmKWhyM07m2qB2T4%2BIwFbhafXKnWtT3MOzO2PZFaRr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846f61fc2adc6dd4-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.30.0&cb=94449474029&lsavail=1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.30.0&referrer=https%3A%2F%2Fadmin.s21.lol%2F&tmax=2000
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.239.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-239-95.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
accept-ch
user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3c131dfbe012cfd5e10cfab3513560d389f150a2949b56b4e44d3a74e240f0c8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
an-x-request-uuid
7d5f5299-1ff4-433b-acef-d82499d5f74d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		382 B
723 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13708&site_id=327944&zone_id=1716132&size_id=15&rp_schain=1.0,1!longitudeads.com,9377,1,,,&eid_pubcid.org=62f14601-abe1-4f6c-9177-11f2586b1d20%5E1&rf=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.domain=admin.s21.lol&tg_i.page=https%3A%2F%2Fadmin.s21.lol%2F&tg_i.pbadslot=%2F7971222%2FHomepage_D_5&tk_flint=pbjs_lite_v8.30.0&x_source.tid=f7a959dd-57a8-41c3-a212-4898f9cfafc3&l_pb_bid_id=102df4fb3f5a286a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=72d3f342-7102-4040-8bb0-2814f7149336&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F7971222%2FHomepage_D_5&m_ch_mobile=%3F0&slots=1&rand=0.22956745792672106
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
be22e32b0d0ee875b62a7ebe3e347bb8c8f3c793aac7cb7bc5f941bd04c15433

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
382
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:34 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
846f61fc2905da93-MIA
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d901f5bb9f2eb6b8a22f16c264d7d5fae0537b28f4fdf7455c3342213ea98e77

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
hbjson
grid.bidswitch.net/ 		25 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.156.215 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
215.156.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a40af3b37ba570afcfc94250d1d57c00ab6f3c3f08392fb81419373c816595c

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
bid
ap.lijit.com/rtb/ 		25 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.30.0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
9dcc0c0a0bd25c2e024a7ad0d14729d364f9a444e3f865768e36880945f4604a

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Jan 2024 14:45:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://admin.s21.lol
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
the-lumumba%E2%80%94plot-stuart-reid-book-review.png
foreignpolicy.com/wp-content/uploads/2023/12/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/12/the-lumumba%E2%80%94plot-stuart-reid-book-review.png?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b2b5830641102def6d241a461fef33d7a0c8ddb4debc6ecd45d3ff5ec97a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387172
x-cache
HIT
content-length
143812
x-xss-protection
1; mode=block
x-rq
mia3 80 130 443
referrer-policy
same-origin
last-modified
Fri, 29 Dec 2023 18:11:41 GMT
server
cloudflare
etag
"8e3d0583546befd3"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apBITveA8WrFn0QmE9a7xVvHLC%2BVCd0vqOgxdWv556f5KX50ICKIYv07BgYpmszu6NOeS%2FbTj3p4XKRVV0PbhMta6ioG8aFwDuklpnxAhmox7H8bCSNdtkkmS7N8%2Be8sl0JNlCaUrxyVbbZX9ZBr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61fc2d6d8df4-MIA
2-Democracy-darkness-foreign-policy-katlyn-marie-carter-book-review-cover.jpg
foreignpolicy.com/wp-content/uploads/2023/11/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foreignpolicy.com/wp-content/uploads/2023/11/2-Democracy-darkness-foreign-policy-katlyn-marie-carter-book-review-cover.jpg?resize=1000,667&quality=80
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e0700e5f2e456c4363a0ef5354a27c791164f5b7083b4e10b966934e6e71d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387172
x-cache
HIT
content-length
26454
x-xss-protection
1; mode=block
x-rq
mia3 86 215 443
referrer-policy
same-origin
last-modified
Mon, 11 Dec 2023 22:55:10 GMT
server
cloudflare
etag
"76bbd66b18f52afb"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv%2BQUs%2BMfZBG9NpMJ35gOzuGf%2BRVgnr8m5ROSVuWuNKdVlwaAYWPMhG%2BlyOsYtma579sCcclCw0PVXAnRmNjHpCikslyR23krNa%2BX4avERv1EBUTbC37vxgn7Kc7hrBif%2FAqW2DqUy4nH4MPSahO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
846f61fc2d6f8df4-MIA
/
px.ads.linkedin.com/wa/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DFF4DE49CAC54AF2A71ACAAF1A288B4D Ref B: MIAEDGE2717 Ref C: 2024-01-17T14:45:34Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://admin.s21.lol
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYPJUyrpmpP+s6nRc0mEw==
rules-p-Jyme3dg-jsWrz.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Jyme3dg-jsWrz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:8200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41d0b43097d2e91cdd15c337dee519cd5076233fde28994d53e2d27171bbfd1c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:20:54 GMT
via
1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1481
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:50:12 GMT
server
AmazonS3
etag
"27665b2ab41bacdec066c884d57f5275"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
A9ePRQUP6_58TVfcmqf2aa3FZXxtpAXDkM3whCeS-HqCmkBgaKF5Nw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 39d758eb6fbd8466b92ecd488bb7af24.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
jtWNNFrdACiNRWthRv4JuwuTLe5b_q8cXo5CsPu99nhRFdzPEaHLjg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fadmin.s21.lol&pubid=c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
8255126c6cfa5949f900920d1da34af4a6b44cbffa700777b64526eb95d3933a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1686
x-amz-cf-id
8m6VSza5K3w6NpEmzr1AwFfBYzbtv8sI06_dr1iBrcoa7Q4GUkUxHg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fadmin.s21.lol%2F&pid=jMrDJtWXk3eVV&cb=0&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22homepage_d_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F7971222%2FHomepage_D_1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!longitudeads.com%2C9377%2C1%2C%2C%2C&pubid=c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.126.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-126-121.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
D27VNGYGRWY8JZBWSAP3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
tWcnWrz_piBUqOW_Vm_NtbZjEEW4qsCsUkWpiNJr5ZLOkUJFZvmaSw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fadmin.s21.lol%2F&pid=jMrDJtWXk3eVV&cb=1&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22homepage_d_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F7971222%2FHomepage_D_2%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!longitudeads.com%2C9377%2C1%2C%2C%2C&pubid=c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.126.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-126-121.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
76PEZGR94KFCWA6QDKMD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
-QC4JlZrQT2kQwf_GyQEM8_Y0s3xDOwu20LbFD5_LEMoETiPrgPZSg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fadmin.s21.lol%2F&pid=jMrDJtWXk3eVV&cb=2&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22homepage_d_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F7971222%2FHomepage_D_3%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!longitudeads.com%2C9377%2C1%2C%2C%2C&pubid=c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.126.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-126-121.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
VF0CG3SZZV5DM7Z64GTK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
DuAUJJuYOQvKDeGWRGVGKM3BF70es-_xtLYtGFeKiOQvHeNY7I1TiQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fadmin.s21.lol%2F&pid=jMrDJtWXk3eVV&cb=3&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22homepage_d_4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F7971222%2FHomepage_D_4%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!longitudeads.com%2C9377%2C1%2C%2C%2C&pubid=c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.126.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-126-121.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:34 GMT
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Au5J9HPcd-ApHDChCcNisdyMRrhRIYdV0GICCXOnlEnoYii7SYVqkA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fadmin.s21.lol%2F&pid=jMrDJtWXk3eVV&cb=4&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22homepage_d_5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F7971222%2FHomepage_D_5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!longitudeads.com%2C9377%2C1%2C%2C%2C&pubid=c8b7d244-cdfc-48df-8b4a-98e8c4fadc6a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.126.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-126-121.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
7HGDEBHKSJTJSY7GP8AC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
S6iwtkqzod8cr8iD1sculPQ0d0Q2u69yY3DXGM9N2HZcxIOziv92ag==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 10:44:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
14458
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140824
x-xss-protection
0
server
cafe
etag
1760809391848743662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 16 Jan 2025 10:44:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		58 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=admin.s21.lol
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a51a3ffe536766f5ae04f7fbd31fc1a9d5ec1f8125e98823fa24721208cfeb9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:45:35 GMT
p1.js
p1cluster.cxense.com/ Frame E8C3 		47 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
1195f3b68c565f30b8910b01eafeb992ee27c2dbd3c0b45b77ee935b625193f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
last-modified
Mon, 17 Jul 2023 14:45:35 GMT
server
Jetty(9.4.28.v20200408)
etag
2u9cpuguz6ye61ovh7zet7hl58
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Fri, 17 Jan 2025 14:45:35 GMT
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=3a12adf9-ecfb-4ec0-b9c5-dd9c3dd97b95&adu_code=homepage_d_1&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_1&mts=ban&ban_szs=728x90%2C970x90&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=e082a09b-a6ca-415c-9931-54aa39d26bf9&adu_code=homepage_d_2&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_2&mts=ban&ban_szs=728x90%2C970x90&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=7c57266b-39f9-4d21-a47e-b0c7c342dbb6&adu_code=homepage_d_3&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_3&mts=ban&ban_szs=728x90%2C970x90&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=654cbb61-1f1a-4770-8f34-c0ab4b10d2aa&adu_code=homepage_d_4&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_4&mts=ban&ban_szs=300x250&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=4d851475-3679-492e-a896-d9d92cb57248&adu_code=homepage_d_5&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_5&mts=ban&ban_szs=300x250&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
collect
t.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://admin.s21.lol
Date
Wed, 17 Jan 2024 14:45:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
httpapi
api2.amplitude.com/2/ 		94 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-gtm-2.3.2-min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.12.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-12-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
11ac8bc0a507efbfd27f00b1b0af3aa659f7972ae631668b458d2a562d197c68
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
trace-id
Root=1-65a7e80f-596f03633497e7f2347806b1
content-length
94
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.12.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-12-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=15768000
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:35 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ykt576KrcESpztHun06JlX3spPWKDY%2F7vhcYui8nzCwkUoxjiSjlfgFhDCsjeGPGkmmDJA8N3TH3yf343GwM2Uaa8ZLP2NHEX6drijX385b6qI3K7tbvUvR%2BTQSmgmXLeVYrsMgY89e55CVA"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
846f61fdf97d74b0-MIA
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202401101304/ 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Uqfng6SIblYVzF0oRTC6BG3-Iuk/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:05:23 GMT
server
cloudflare
x-amz-request-id
9N37EBTZVVDCYV93
age
589250
etag
W/"5aabb710020a401097c59bf9249caa6c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
846f61fdb8b88dee-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zUuXZL42lTEZYD0oOrNlp8/6n7tcxc59BSBHmEj/OJMcudWyScXvUwjkwbQ/LcOyCTjUCShs5GQ=
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GYWCaXx2OEtRRDBGY1d0Y0VpQXN6d01OTlB6Qk5qMHdwNjFVVEZhSWlkcWozVFdOY3ZDMzhqWkp0dGpRZGE5UkNzZnZWTm1tUm5WQjR0UENFSlJzd21Od2NNdW8yS0c0alpEUTMvY3VFaGo1OUw0bVc2bFRJYlhidVBxTEdNSERrUFZ4Sk5Oa1lEelpMc29KOTM0YStJT2xKamtma2VSZ016bGRsZFE3RzhxaTBWdTdPNjNvTXRxWVJaeVlQQVN5RXNGSWpUS1I2aFNVMWRtNTQxOHFaL2hJVldabEVVUlhoV3lyZ044c3AvenNweFhYNDVTQUFDam1qY21lN0FNbExuK0hxfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 17 Jan 2024 14:45:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
207859
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: longitudeads-com.videoplayerhub.com
URL: https://longitudeads-com.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25505
x-guploader-uploadid
ABPtcPp1HtgqNc47mCb9Nkc5A3ZcgPycObCvPQvUoW4yAVb-MtTWDI7EpDmeLQcSSkuPLsLHt0QTxIJydA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVJaK55KM%2F4LeHABw96mGOAOSqD6vxz3DqhrtYeLP5a1IGjsV3OaTxUPCm3btSH61YGyF2AxVnpOraXUGtZaarEayF%2BcrxK%2FzSyPxN2aIsTv7v4G7LT6xFge521StNy%2Fs6VQ%2BInvuEISV5cdpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
846f61fea89f74c6-MIA
expires
Wed, 17 Jan 2024 08:28:56 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 20:11:38 GMT
px.gif
ad-delivery.net/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9959247638186817
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25505
x-guploader-uploadid
ABPtcPp1HtgqNc47mCb9Nkc5A3ZcgPycObCvPQvUoW4yAVb-MtTWDI7EpDmeLQcSSkuPLsLHt0QTxIJydA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPid5vSVk0Ggk55HpAHugWh5RemmcR%2BxTmALOc4P3Lp%2FTLDtZIinnyIbvCqhRNUHvsjpxeepnOTarz0XXoVeAYU3GYgFB1CsLUgvEQ7qpt5CaoIVE6gaC%2BSSoP6r2FgcSpBlP%2FiYByIWk%2Bq2AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
846f61fea89a74c6-MIA
expires
Wed, 17 Jan 2024 08:28:56 GMT
ats.js
ats.rlcdn.com/ 		110 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-37.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 10:55:53 GMT
x-amz-version-id
x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding
br
last-modified
Thu, 19 Oct 2023 08:25:12 GMT
server
AmazonS3
via
1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
13783
x-amz-cf-id
_BtDywzrU_yRzvna8Nd5s19Sez280shlTmzdxWMjd2r0B0GiBn5dbw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 17 Jan 2024 15:00:35 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
N0T2VEYFY8D7VBKM
age
1558
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
846f61febcff9ae9-MIA
x-amz-id-2
QG3GQHWHEK4PI9Elqt0k2lf3FkJPZQHJIyhEgU17iMqYUseNkJKf/47z+zFT0BDXz9hREODqxCvLlV8KiEA0bQ==
j
rp.liadm.com/ 		0
0
pixel;r=1249182569;rf=0;a=p-Jyme3dg-jsWrz;url=https%3A%2F%2Fadmin.s21.lol%2F;uht=2;fpan=1;fpa=P0-1007919912-1705502734758;pbc=62f14601-abe1-4f6c-9177-11f2586b1d20;ns=0;ce=1;qjs=1;qv=b70d35e8-202312...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1249182569;rf=0;a=p-Jyme3dg-jsWrz;url=https%3A%2F%2Fadmin.s21.lol%2F;uht=2;fpan=1;fpa=P0-1007919912-1705502734758;pbc=62f14601-abe1-4f6c-9177-11f2586b1d20;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=s21.lol;dst=0;et=1705502735009;tzo=600;ogl=title.Foreign%20Policy%2Cimage.https%3A%2F%2Fforeignpolicy%252Ecom%2Fwp-content%2Fthemes%2Fforeign-policy-2017%2Fassets%2Fsrc%2Fimage%2Curl.https%3A%2F%2Fforeignpolicy%252Ecom%2F%2Cdescription.The%20Global%20Magazine%20of%20News%20and%20Ideas%2Csite_name.Foreign%20Policy%2Ctype.article%2Cupdated_time.1705428025;ses=b5dc953f-2af3-482d-b304-88c5a8f40ac9;mdl=
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
p
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/p?dtstmp=1705502735012&did=did-0041&se=e30&duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&pu=https%3A%2F%2Fadmin.s21.lol%2F&wpn=prebid
  • https://rp4.liadm.com/p?se=e30&duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&dtstmp=1705502735012&did=did-0041&wpn=prebid&pu=https%3A%2F%2Fadmin.s21.lol%2F&i6=MjAwMTo1NTA6MWQwNToxOjoxMQ%3D%3D
43 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rp4.liadm.com/p?se=e30&duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&dtstmp=1705502735012&did=did-0041&wpn=prebid&pu=https%3A%2F%2Fadmin.s21.lol%2F&i6=MjAwMTo1NTA6MWQwNToxOjoxMQ%3D%3D
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Server
3.220.30.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-30-119.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
x-pixel-event-id
45b69819-cce6-4a3c-9410-3af32a244396
content-length
43
content-type
image/gif

Redirect headers

location
https://rp4.liadm.com/p?se=e30&duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&dtstmp=1705502735012&did=did-0041&wpn=prebid&pu=https%3A%2F%2Fadmin.s21.lol%2F&i6=MjAwMTo1NTA6MWQwNToxOjoxMQ%3D%3D
date
Wed, 17 Jan 2024 14:45:35 GMT
content-length
0
p
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/p?dtstmp=1705502735012&did=did-0041&pu=https%3A%2F%2Fadmin.s21.lol%2F&ae=eyJtZXNzYWdlIjoiIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiQWpheEZhaWxlZFxuICAgIGF0IHAgKGh0dHBzOi8...
  • https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiQWpheEZhaWxlZFxuICAgIGF0IHAgKGh0dHBzOi8vcy5sbmd0ZHYuY29tL3ByZWJpZC9mb3JlaWducG9saWN5L3ByZWJpZDguMzAuMC4xNz...
43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiQWpheEZhaWxlZFxuICAgIGF0IHAgKGh0dHBzOi8vcy5sbmd0ZHYuY29tL3ByZWJpZC9mb3JlaWducG9saWN5L3ByZWJpZDguMzAuMC4xNzA1MDc1NTM5Lm1pbi5qczo0Njo1NzMzKVxuICAgIGF0IGUuZW1pdEVycm8uLi4iLCJmaWxlTmFtZSI6InVuZGVmaW5lZCJ9&dtstmp=1705502735012&did=did-0041&wpn=prebid&pu=https%3A%2F%2Fadmin.s21.lol%2F&i6=MjAwMTo1NTA6MWQwNToxOjoxMQ%3D%3D
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Server
3.220.30.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-30-119.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
x-pixel-event-id
fcb1bb25-2011-40b4-bfa4-90ef51286e05
content-length
43
content-type
image/gif

Redirect headers

location
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiQWpheEZhaWxlZFxuICAgIGF0IHAgKGh0dHBzOi8vcy5sbmd0ZHYuY29tL3ByZWJpZC9mb3JlaWducG9saWN5L3ByZWJpZDguMzAuMC4xNzA1MDc1NTM5Lm1pbi5qczo0Njo1NzMzKVxuICAgIGF0IGUuZW1pdEVycm8uLi4iLCJmaWxlTmFtZSI6InVuZGVmaW5lZCJ9&dtstmp=1705502735012&did=did-0041&wpn=prebid&pu=https%3A%2F%2Fadmin.s21.lol%2F&i6=MjAwMTo1NTA6MWQwNToxOjoxMQ%3D%3D
date
Wed, 17 Jan 2024 14:45:35 GMT
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
edb664793580b9457d1b5a905e99e394836ec53f1092b24d0aef4328b4d6b97c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=3a12adf9-ecfb-4ec0-b9c5-dd9c3dd97b95&adu_code=homepage_d_1&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_1&mts=ban&ban_szs=728x90%2C970x90&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=e082a09b-a6ca-415c-9931-54aa39d26bf9&adu_code=homepage_d_2&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_2&mts=ban&ban_szs=728x90%2C970x90&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=4d851475-3679-492e-a896-d9d92cb57248&adu_code=homepage_d_5&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_5&mts=ban&ban_szs=300x250&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=7c57266b-39f9-4d21-a47e-b0c7c342dbb6&adu_code=homepage_d_3&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_3&mts=ban&ban_szs=728x90%2C970x90&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
pba.gif
c.4dex.io/ 		43 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1240&site=foreignpolicy-com&pv_id=2c06142e-e0e0-45a9-bf79-ead57cfc07b2&auct_id=654cbb61-1f1a-4770-8f34-c0ab4b10d2aa&adu_code=homepage_d_4&url_dmn=admin.s21.lol&pgtyp=homepage&plcmt=Homepage_D_4&mts=ban&ban_szs=300x250&bdrs=adagio%2Cappnexus%2Ccriteo%2Cgrid%2Cix%2Copenx%2Cpubmatic%2Crubicon%2Csovrn%2Ctriplelift&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
ads
securepubads.g.doubleclick.net/gampad/ 		107 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3821249020643984&correlator=363668708019199&eid=31079957%2C31079959%2C31080295&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&iu_parts=7971222%2CHomepage_D_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705502735332&lmt=1705502735&adxs=1091&adys=282&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fadmin.s21.lol%2F&vis=1&psz=359x250&msz=359x0&fws=4&ohw=359&ga_vid=1281492989.1705502733&ga_sid=1705502735&ga_hid=584931854&ga_fc=true&dlt=1705502731900&idt=3367&ppid=62f14601-abe1-4f6c-9177-11f2586b1d20&prev_scp=elid%3Dhomepage_d_4%26lngtd-floor%3Dlngtd_d_9%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26lngtd_version%3D3%26access_status%3D%26author%3D%26tags%3D%26liveintentid%3Dtrue&adks=4231310176&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a8fcae0d50cc5c2f82844038bde53f5593448db2c64fec928a62c0393dbcebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51402
x-xss-protection
0
google-lineitem-id
6489816892
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138462006637
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3821249020643984&correlator=2227475745368629&eid=31079957%2C31079959%2C31080295&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&iu_parts=7971222%2CHomepage_D_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705502735344&lmt=1705502735&adxs=436&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fadmin.s21.lol%2F&vis=1&psz=1600x121&msz=1600x0&fws=0&ohw=0&ga_vid=1281492989.1705502733&ga_sid=1705502735&ga_hid=584931854&ga_fc=true&dlt=1705502731900&idt=3367&ppid=62f14601-abe1-4f6c-9177-11f2586b1d20&prev_scp=elid%3Dhomepage_d_1%26lngtd-floor%3Dlngtd_d_9%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26lngtd_version%3D3%26access_status%3D%26author%3D%26tags%3D%26liveintentid%3Dtrue&adks=1898810586&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3120a9c9c6cc4d3c9571fe00caff9ccd24dc18f99e358f4caa5e95f2a5fb85ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12776
x-xss-protection
0
google-lineitem-id
6391923355
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449496508
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3821249020643984&correlator=4073944817873802&eid=31079957%2C31079959%2C31080295&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&iu_parts=7971222%2CHomepage_D_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705502735349&lmt=1705502735&adxs=150&adys=1093&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fadmin.s21.lol%2F&vis=1&psz=1300x121&msz=1300x0&fws=0&ohw=0&ga_vid=1281492989.1705502733&ga_sid=1705502735&ga_hid=584931854&ga_fc=true&dlt=1705502731900&idt=3367&ppid=62f14601-abe1-4f6c-9177-11f2586b1d20&prev_scp=elid%3Dhomepage_d_2%26lngtd-floor%3Dlngtd_d_9%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26lngtd_version%3D3%26access_status%3D%26author%3D%26tags%3D%26liveintentid%3Dtrue&adks=428923587&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bafdddb05dac501f57ec8fff6a8bc8bb98712d6500cc5f5063caad85ee6076d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12791
x-xss-protection
0
google-lineitem-id
6392348112
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452838176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CB8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:45:35 GMT
expires
Thu, 16 Jan 2025 14:45:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rep.gif
comcluster.cxense.com/Repo/ Frame E8C3 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.45&typ=pgv&rnd=lrhwaj9z2qpjezfr&sid=1139724983415417198&loc=https%3A%2F%2Fadmin.s21.lol%2F&new=1&arf=0&ltm=1705502733982&ref=&tzo=600&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lrhwajxznb1imvys&ckp=lrhwaj9zuu9prvvb&glb=&cp_userState=anon&cst=2u9cpuguz6ye61ovh7zet7hl58
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 17 Jan 2024 14:45:35 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		102 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lrhwaj9zuu9prvvb%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222u9cpuguz6ye61ovh7zet7hl58%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222u9cpuguz6ye61ovh7zet7hl58%22%7D%5D%2C%22siteId%22%3A%221139724983415417198%22%2C%22location%22%3A%22https%3A%2F%2Fadmin.s21.lol%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
61ee1f034c140fc8a84e6b2f0ad74d217147d258d4b0f4d04d805232c81bd160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:35 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
geo.privacymanager.io/ 		30 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:30:54 GMT
via
1.1 3f2e448716e86a35bb027a469c98be3c.cloudfront.net (CloudFront), 1.1 17c056a089c69d54a02a9a3ca804fdd6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, IAD66-C2
age
22481
x-amzn-requestid
e3865ca2-6499-4bcc-98ce-25f73db4a9b4
x-amzn-trace-id
Root=1-65a7903e-4d2cb6e31822bb8665e1ee44;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RrN5vE0YjoEEj2A=
content-length
30
x-amz-cf-id
VLVq0LAcIfdCIkMTkHxk--3UKh7FuKxgTb9punR7Rt-cOXwnbGQieg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
488.json
id5-sync.com/g/v2/ 		630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/488.json
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
35f8d695985428d80ccaa92f864243c4437aecba281cba3a286cf65719a9d9fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
container.html
c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB15 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:45:35 GMT
expires
Thu, 16 Jan 2025 14:45:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:35 GMT
server
Google Frontend
x-cloud-trace-context
34ac2cce58f3c3eaddc0f52db6e30851
imp
stats-collector.cxense.com/cr-stats/event/ 		42 B
136 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/imp?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6489816892&bnId=138462006637&pId=%2F7971222%2FHomepage_D_4&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy&targKeys=session-depth%2Clngtd_version%2Caccess_status%2Cauthor%2Ctags%2Cliveintentid&userIdSources=criteoId%2Clipb%2Cpubcid%2Ctdid
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:35 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
/
it.lngtd.com/ 		43 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
8a6827fda28ad8627ca0f554ff136fe4
access-control-allow-headers
Content-Type
content-length
43
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-T5CKP06L0Y&gtm=45je41a0v867730941&_p=1705502732210&gcd=11l1l1l1l1&dma=0&cid=1281492989.1705502733&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&uid=&sid=1705502733&sct=1&seg=0&dl=https%3A%2F%2Fadmin.s21.lol%2F&dt=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&en=experienceExecute&_ee=1&ep.author=&ep.category=&ep.datePublished=2020-03-16&ep.editor=&ep.tags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&ep.vertical=&ep.pageType=Miscellaneous&ep.ads_blocked=false&ep.inMagazine=&ep.content_group=Miscellaneous&ep.content_group2=&ep.aid=beVmoi3WRm&ep.debug=false&ep.url=https%3A%2F%2Fadmin.s21.lol%2F&ep.event_category=experienceExecute&ep.event_label=Experience%20execute%20aid%3AbeVmoi3WRm&ep.experience_id=N%2FA&ep.hit_type=event&ep.non_interaction=true&ep.event_action=aid_beVmoi3WRm&_et=859&tfd=4423
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5CKP06L0Y&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CB15 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
URL: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 00:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
138545
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Jan 2025 00:16:30 GMT
1024949116801255967
tpc.googlesyndication.com/simgad/ Frame CB15 		546 KB
546 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1024949116801255967??resize=400,200&quality=90
Requested by
Host: c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
URL: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dc1d2f29313ebd7402ddf0235bb01e763a7ba37f8cb8c1bc89cad7b7641d12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 18:15:36 GMT
date
Tue, 16 Jan 2024 18:15:36 GMT
x-content-type-options
nosniff
age
73799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
558839
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 17:53:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB15 		195 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
URL: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62787
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:45:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0_RMCmqKlZsN31YoNfJ2_qJCg_qx_KXrc0B1Gnsz5enbqlYjnSSYfEdV-DyMMVc-Z6Kz4ZuB5nuujO9AlNsYf1pFgmagnNSyIvdbNIXXsB3D8tKwnv_kGEpYvrDNPPKwV4FCUHnA1cQ0P2bSui7Ce49HHUKSqct_XE9VdE_qjjEPGE6-bhArh_NvYZ5UHMAVKp3Skbq2SxPDOrf6bYljslE6kxpyK4C7gtuLptTHaoDbUX7WI2pc_3rNOWbwT2l9BKPwfTZNW11OVP44AbZc6NaGc078Q8_eIVo_haImxJK5LML7MQDX7NixTUUH94PyPA4m61BvlW9wfhK_U&sai=AMfl-YS4CmSAk21n3AhfA90W6yd4xZsdOZYimISRcBBjhyIcDxvnQuWFlT1BYjyBA1siaeC08inRNd6tz2yFk4BDG2sx_-GQb8dONHfPrBAraSbGlINLo3wOOqvQDShPAQ&sig=Cg0ArKJSzLY_KWu0NOL7EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
URL: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adx
securepubads.g.doubleclick.net/gampad/ Frame AD66 		0
23 B 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/adx?iu=/7971222/pixel_1x1&sz=1x1&c=136524624&tile=1
Requested by
Host: c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
URL: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:45:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
google-creative-id
-2
google-lineitem-id
-2
google-mediationgroup-id
-2
google-mediationtag-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
solido--normal--400.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/dist/fonts/ Frame CB15 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/dist/fonts/solido--normal--400.woff2
Requested by
Host: c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
URL: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20b8f39d0c0d0a73cd0d0f5b29b07c8d992df61c86dca3555efd9485544da46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
Origin
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
content-length
16468
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Mon, 05 Dec 2022 12:42:18 GMT
server
cloudflare
etag
"638de72a-4054"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHe28ZSUfpLPMczxrFbdm1%2FU%2FQ7T%2B%2B3CdahqAQfE7FCMuYzHira21cgdrsd6zM%2FAmWLrZQ6PscCpe4p%2F7Wzbdsp3gPL9JlpJbZX3bwT9f8dV4Iz0L2RV%2Bw8CzvvLwzCO6UBFfLf2Qe8mwAb%2FlhAt"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f620338f0dad9-MIA
solido--normal--800.woff2
foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/dist/fonts/ Frame CB15 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foreignpolicy.com/wp-content/themes/foreign-policy-2017/assets/dist/fonts/solido--normal--800.woff2
Requested by
Host: c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
URL: https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae9dc6f44bf3313d3c2b5e6ddd84e8e93a9696cf839e57ed11c6995862e1961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
Origin
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
content-length
16148
x-xss-protection
1; mode=block
x-rq
mia3 123 242 443
referrer-policy
same-origin
last-modified
Mon, 05 Dec 2022 12:42:18 GMT
server
cloudflare
etag
"638de72a-3f14"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7U34a%2BlRTAf2R20k%2BBWmeeFXX90AUqeDUc3o1Twz8u8EgyfbBC9ccysQ0e7UeCCItcpzchx3fAPQZxedVhhFmJHCpgil2uTCIyItTnYnXGpJejYREHKkPOWCrZheRl9VcB0AHtJZtpI%2FNgBYu20"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
846f620338f4dad9-MIA
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:35 GMT
server
Google Frontend
x-cloud-trace-context
3a4f95ac5af8f51eec7b769dace8e777
view
securepubads.g.doubleclick.net/pcs/ Frame 7759 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDc46vlC8TdY003XFnOIjZ8NK3AQ_ShWBIHAZh-O-bLYGa5aBMAU2LCC67WHfUrHMOaNw5t8Qi_Exh2GTE3rlvU_Tm3fTrmL7sJXAa5gEWWPbKJ6aZ8w9zQs9anh8y_DvNZWtIEvgVudQg5gSM5guTRUf8luML8oa683mIL9YnbKk7zePHaA9GcTBMXe9agbO9EYSgK4WOLnT2kd_hjAgeCSecZeIHIJj1jqwfbDXqzPJeFjDRY06_zSTTqNNNZIw6Wi8w5_oCUgZR8Z-2Lp3te-4uvgQgHD9DQvqW0bI9MnEJF0zvDbakfRDGk5IafxCqC-jQIUC0SWHrrqT3XZJ8UxXlF8MRh1XGj2Ntyde7e1QjHA&sai=AMfl-YSp8WPrffjEyXH40MNeKbcoKlwBY45ASdPlltaej6AaeCJT2_OR6Iht24YuRXLffO9ItxKMRIBJq8qOx9hmAY40nn3KtDov02_VO-3z4Ydh_tnpKOf8Dt21Wd73yQ&sig=Cg0ArKJSzPqSdkjU-hU1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7759 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62787
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:45:35 GMT
12426018861591584062
tpc.googlesyndication.com/simgad/ Frame 7759 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12426018861591584062?
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35473429b36d73f9f16075b1d473f0b4c896bdbe53997ddc36619f6461c2f8d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 12:16:51 GMT
date
Tue, 16 Jan 2024 12:16:51 GMT
x-content-type-options
nosniff
age
95324
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81250
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 12:30:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
imp
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/imp?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6391923355&bnId=138449496508&pId=%2F7971222%2FHomepage_D_1&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy&targKeys=session-depth%2Clngtd_version%2Caccess_status%2Cauthor%2Ctags%2Cliveintentid&userIdSources=criteoId%2Clipb%2Cpubcid%2Ctdid
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:35 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
420b9c89b17c5239f9fbf64b1af04421
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:36 GMT
server
Google Frontend
x-cloud-trace-context
6521a213c0b495b24b40c10c48b18155
view
securepubads.g.doubleclick.net/pcs/ Frame 2D77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8PvknWsagDZASMlEgrAuCTnPIZdEjZDdnwKm794lK4j4h8gK0gLVuz3gWwQMofY4QZ2htWMy39G8fybQOgzDXfwRqJv5Vd4aUJ6NL6bwHwrcCZ7bcPDIz2GYNnDsWjWSymugkYN_ucs-5posiRPUv3t44IlF9XVWOa1VBGNdsh8VKgZSJPZdEeJ43p0AGTuD3ayWJcIguA_7AA1qupAC1XXSovMKs1lszNv2CXTu-e_aIi69c4TjI6_laUPd8pmfJoVZz9yzhJQIAKOX1UnL6RdOm_sV-9D28Kl_rc56PX0u6vTuwERq_B1AfJEbnHo2UpiTJOhf7eI_h45bVXCXKN3dy14dKQAl10R2uil_HU_IVDw&sai=AMfl-YRf1W3cQPP9MPaOkq3ItuOpwqwbMPuczx-pL5sFEWoh9IgByPLqtCa9oXJScqKADCbfXyLsf4Ypha0FLAejMqyu4F13yZkwpocg6EHy2UdwrKfXar01eJlpkejmzrg&sig=Cg0ArKJSzMW_2rG61NQSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D77 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62787
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:45:36 GMT
11482937834299177751
tpc.googlesyndication.com/simgad/ Frame 2D77 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11482937834299177751?
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9ac8b331119a4bbbbc5f039dab4626d02b0494d00b9d337b33c139176d622ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 07:43:30 GMT
date
Tue, 16 Jan 2024 07:43:30 GMT
x-content-type-options
nosniff
age
111726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139870
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 16:45:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
imp
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/imp?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6392348112&bnId=138452838176&pId=%2F7971222%2FHomepage_D_2&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy&targKeys=session-depth%2Clngtd_version%2Caccess_status%2Cauthor%2Ctags%2Cliveintentid&userIdSources=criteoId%2Cid5id%2Clipb%2Cpubcid%2Ctdid
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:36 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
6dc8d8cffb4947a0e25b0117c74bccde
access-control-allow-headers
Content-Type
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame CB15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZOWtmwdJo7_OzMp26J9SlmlMlRD5j3xtoVqEsmmmOWhm7R-Q4TMWAipGqzWM6telrFC60Z-xQCSahT2qZ689aFpDghKtyTTGEYLaBCLTaktkpEZpdarPyO1RqpUfAe0V5Xmi5pYhTkRvHf2VHj49tr-razoMRRyTd7vEclSLHtD1mulzfjTir69l2ZSaZ4AArk8nXXWxFdTGnLnZzTT9AY6jIzkyNaHyuyLRZvFak5rdDM3xFEOl2Fa7gF3Asugx8Tis7qoNOi0_yIFjicYDT5J3IDMLVePROTGTHbZrNnuXT7Ixmb5QcFMA-LyKw9XxbLG3Ay9UhJdwuWmdFD_U&sai=AMfl-YSm5ZAlp0ieP-f-JXoaclsG2Z35kH7hAeMcnCzq0JUR_hiaJMYTiTo93J1YGzuIhzlQGMs3-d2o6ORPbsfm74MPADsPwWpmY1NcUMWcl9n1xkAMO5IEGlDSrWWfyg&sig=Cg0ArKJSzLKDPu-jJlsNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:45:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7759 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWhKUiJz4Q34pzhKcck2eALoJWcoVcAQxkH6IhUOuN3eJ8Od-kcEB3nlivqmI4sBjebh1TbDX4k1fTUOXbRZtcaVM8f99JfpHDMxjboj2Sfd8qK2-G8cnXhV1LO932NJKrk2OqDsz2BZuC4RBosMqaIjiqtza1AdVjogml9xxStiGGwwFWGZ0h02ekt7OS27ABKWBnR4zKtl7Lw3NSTmg6JD_JcOOwR-QvWtDaO86k2P-BND2K-m3JEFRtf3mK0QHwhtFEnPEYiCJ6Pxnbz4MOrfvdeYlB8hnd75whOPR6qH47iUkXRhpVBHetoAoHaLdWs9cMdBbP0fh3fzsq_zvHPUpQjM_bgUqi1-8DneCHeHV960eS&sai=AMfl-YTkFtmq73YJk7BCglBjgr19cdnHEeA9CAJwC_rnnFk-ePWcDwr56jDwF0WcE5qKmuvB2f_TxieDtzDmwEI77VCTKCUS63FdC3c17zIDtwtOofQuFVSA32gm-70DHA&sig=Cg0ArKJSzKJX53aiX5XbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:45:36 GMT
truncated
/ Frame 7759 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34d0171f9f78d955a2d9d1b997376643a9f218864a0182c038744a260e62fae2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2D77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ9gx5HbfroaY-HhByUyQKwB0vQcVsQNRFsCEzZoEwU-16YYAu-U4RjiZ_nC8Astp_cB0sXXs3CNeVMSKgh59qalEWuYpeWgrVE-y7lFXShWXEfP98ZBO10ntzx8Fqg6HtQLoR1f7ixdIlwYNtNq3Y9MLh5cOKlCfp79Dyq2iLKrFAjKR9SwASux15s32CbxED7CDZX0MYekxdnUybSIxgAt0YvIn7jNMitb2kLM45SiXrfmKkgzlKCDtG4oGsWRNCvXjRIYa-ctXMadvwEsRg3xAmbvey0SwI05jNvfPyuoNfD7M4-ZmgaPKcFrqP3R3uvPhxbgzFv16zz_L1ApRilJ2e2vEA2mP0Rc-4eTxtJImoRbiQ&sai=AMfl-YRiYfpR1S_zhEg6ZzLbIsDtJraFk95sIk30XfPOZA3KKODxJs4_Yw05eidXWT-sk9oYA7E1iFfDV_guJun3ik6ZvkomyPW-WM8ObrXekbwewrHaQVXfJmiCUKaG9FY&sig=Cg0ArKJSzNhMdqmQBEQGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:45:36 GMT
truncated
/ Frame 2D77 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0c0e43475e22c3cbd577eb75358ec925d8070671a6a699d472c9c01387693d9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CB15 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b6e05aff304fdcc50470be44dc27103721573d43cb4626ae1872e0fe11d8986

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
dw-check.html
experiences.mrf.io/passexperience/ Frame 360E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://experiences.mrf.io/passexperience/dw-check.html?v=6
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
792980
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
846f6206b9dc8daf-MIA
content-encoding
gzip
content-type
text/html
date
Wed, 17 Jan 2024 14:45:36 GMT
last-modified
Mon, 08 Jan 2024 08:31:32 GMT
server
cloudflare
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1AF66AAF8F464E71942D802222AEBAF7&RedC=c.clarity.ms&MXFR=0C52851340466D9F1C7C911A4446636A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1AF66AAF8F464E71942D802222AEBAF7&MUID=2B550B4690B3683404241F4F91AF69BF
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1AF66AAF8F464E71942D802222AEBAF7&MUID=2B550B4690B3683404241F4F91AF69BF
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:36 GMT
last-modified
Wed, 10 Jan 2024 01:59:15 GMT
server
Microsoft-IIS/10.0
etag
"c5fcfc9c6843da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 24D0810FBCB3498886F07B519630B79C Ref B: MIAEDGE2507 Ref C: 2024-01-17T14:45:36Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1AF66AAF8F464E71942D802222AEBAF7&MUID=2B550B4690B3683404241F4F91AF69BF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95089cd0c63fbc0cc2d94c0263a46892efac44562ead9b6748aee732ccc2a941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12180
x-xss-protection
0
ingest.php
events.newsroom.bi/ 		2 B
777 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3439
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.93 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://admin.s21.lol
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
rum
admin.s21.lol/cdn-cgi/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://admin.s21.lol/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.11.184.118 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://admin.s21.lol/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
x-content-type-options
nosniff
server
nginx/1.24.0
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://admin.s21.lol
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
846f6209ace00b04-AMS
rum
admin.s21.lol/cdn-cgi/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://admin.s21.lol/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.11.184.118 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://admin.s21.lol/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
x-content-type-options
nosniff
server
nginx/1.24.0
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://admin.s21.lol
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
846f6208cd23b7b5-AMS
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:dc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 17:35:20 GMT
content-encoding
gzip
via
1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
76216
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Tb7B4_F6ofq3PStvp5cVtZu6yHn5zEc74o2DhzKI2souxQxxAShBYw==
expires
Wed, 17 Jan 2024 17:35:20 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
2389c843382df9a001cee3bc094455c53ed100d8449af0bbbcab6ce3a405150e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v3
id5-sync.com/gm/ 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
70dc6ac959964df12f8f73d18df8631e8aefa71c0648b321103cc4a3777f6321
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://admin.s21.lol
date
Wed, 17 Jan 2024 14:45:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 14:45:36 GMT
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:45:36 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=foreignpolicy.com&p=%2F&u=D3BJsKDQ7x6E_BzZE&d=admin.s21.lol&g=62828&g0=Excerpt&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6180&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fadmin.s21.lol%2F&b=5063&t=Bav06wBmEdaSC0g6v_CynmSzBIBxEL&V=143&i=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&tz=600&_acct=anon&sn=1&sv=BpUaM1U_CoWDC9VtXCZ5MDkDJdJQe&sr=external&sd=1&im=067b0fd3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.136.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-136-188.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 17 Jan 2024 14:45:36 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C88E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
67107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:07:09 GMT
expires
Wed, 15 Jan 2025 20:07:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3E56 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e451555f27e9c0515d1022fe4106b4985903ac23a865a5cd27cc1cd884111cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rglt_UOh0zNtYF5bX7muCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Rglt_UOh0zNtYF5bX7muCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:45:36 GMT
expires
Wed, 17 Jan 2024 14:45:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame C88E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 19:28:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401100101&jk=3821249020643984&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame F20D 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=admin.s21.lol
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:45:35 GMT
server
Kestrel
server-processing-duration-in-ticks
692244
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:45:37 GMT
collect
t.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://admin.s21.lol
Date
Wed, 17 Jan 2024 14:45:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:37 GMT
server
Google Frontend
x-cloud-trace-context
b22cf75dd758e9cf72ad1a9508717923
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:37 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
1c72cc538dd0a6dc1333f5ddc358b9d2
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:37 GMT
server
Google Frontend
x-cloud-trace-context
cf5245a768530d3f63b077fedead5f07
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:37 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
d7de2be90dcf757c90e5d76e039e95e4
access-control-allow-headers
Content-Type
content-length
43
sid
mug.criteo.com/ Frame F20D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=s21.lol&sn=ChromeSyncframe&so=3&topUrl=admin.s21.lol&bundle=jofvMF8yYlUxdHNNMzFCeXNPSkM3ZWR2UjlHaFAlMkYlMkZKSHZCR1I1dTZDVlZVMVdNVWJCc1lReV...
  • https://mug.criteo.com/sid?cpp=QTXs5Hx4YlZudFNHWjYvaVFobFpPanUyaitGYXVUcWxCRnBvaitkNlV3YXVQSVhkYjNLdE1sWU9ZUzg1Smx4ellHeFZaNWxURGFrNGNEamdaQTV5bjM3UFhWQUo2RGloTkVOSjlxT2ErdUowVHRIT1VubUtWVzlTRHVYcU...
419 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QTXs5Hx4YlZudFNHWjYvaVFobFpPanUyaitGYXVUcWxCRnBvaitkNlV3YXVQSVhkYjNLdE1sWU9ZUzg1Smx4ellHeFZaNWxURGFrNGNEamdaQTV5bjM3UFhWQUo2RGloTkVOSjlxT2ErdUowVHRIT1VubUtWVzlTRHVYcUFHWUpEN2NGYWYyVXptUm93Q1FXOE9Gd1l2VE9HRTFjSklMNmxDZEgvL0c3Y2N1Y2FIQ3AwczBaRHM5SGZCSm5BQjlZdW5QMGo5TkZ2WnZRL1dmZTA3Y1NmdWRiVlB1Yi9mWjFGSEczMmZ6QlgvdjhQYWdRNFVTMGJTaWk1SVZSdFJ0eUowL2Q1dENRQUlJYmtia0dnWlc3QllBc3VkMFNKa0VLdUNLNEpJeGxOSzhxS3JHYz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a00ba2ac3c436cd3bf79893b7b3ceed4c43dba0645eff6bd4bacde23aa58d57e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1314994
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=QTXs5Hx4YlZudFNHWjYvaVFobFpPanUyaitGYXVUcWxCRnBvaitkNlV3YXVQSVhkYjNLdE1sWU9ZUzg1Smx4ellHeFZaNWxURGFrNGNEamdaQTV5bjM3UFhWQUo2RGloTkVOSjlxT2ErdUowVHRIT1VubUtWVzlTRHVYcUFHWUpEN2NGYWYyVXptUm93Q1FXOE9Gd1l2VE9HRTFjSklMNmxDZEgvL0c3Y2N1Y2FIQ3AwczBaRHM5SGZCSm5BQjlZdW5QMGo5TkZ2WnZRL1dmZTA3Y1NmdWRiVlB1Yi9mWjFGSEczMmZ6QlgvdjhQYWdRNFVTMGJTaWk1SVZSdFJ0eUowL2Q1dENRQUlJYmtia0dnWlc3QllBc3VkMFNKa0VLdUNLNEpJeGxOSzhxS3JHYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
314729
content-length
0
expires
0
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6391923355&bnId=138449496508&pId=%2F7971222%2FHomepage_D_1&timeOnScreen=1&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:37 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame C88E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6KOthA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/ 		279 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=beVmoi3WRm
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
948e14a13e5a54e2ecafb160ca62dedc70ed36bf21befaa0a389b101ecfc1911
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M1cue7sMhqj
wn
prod-dash-10-0-130-182
last-modified
Wed, 17 Jan 2024 14:45:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.007
cache-control
public, max-age=14400
cf-ray
846f620c1ea07436-MIA
expires
Wed, 17 Jan 2024 18:45:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7759 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWiRo5DJjGqFkGmst_rNy0xS5caO_fvnLWkNsdcmD884VnvNAdcTNCmDvkFIhgkAcMD5M9alQ_gCiqkg1J8pvsceo3Wqb8IilAgiBfMnh6nXlrsL4_oc5i-AC9nEuf2HuPCj4NqtmDSpH0g0pZY-NOnsWe&sig=Cg0ArKJSzIFCr_mKMwkqEAE&id=lidar2&mcvt=1000&p=100,436,190,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1898810586&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705502735885&rpt=351&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: admin.s21.lol
URL: https://admin.s21.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 13:51:45 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3232
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jan 2024 15:51:45 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=584931854&t=event&ni=1&_s=1&dl=https%3A%2F%2Fadmin.s21.lol%2F&ul=en-us&de=UTF-8&dt=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6CDACEABBAAAACAAI~&jid=1822797340&gjid=722722363&cid=1281492989.1705502733&tid=UA-6874192-41&_gid=775211254.1705502734&_r=1&z=1661330955
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6489816892&bnId=138462006637&pId=%2F7971222%2FHomepage_D_4&timeOnScreen=1&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:37 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame CB15 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5HIHVOpT4xtcmizfH32uIdLkfQG5ZJotcw2ZQbjXAWKVElKQsOuPYw89ejChEs7okl-yo4tygmVKhVk6jDLiXg_NsxAtcmYDiYFCKje_V7jJ9BRoc4UbX3S2SKqfJ-MKieXk2mR6A7hNiCPDUQu6ok-iu&sig=Cg0ArKJSzC5_aYud6SJkEAE&id=lidar2&mcvt=1000&p=321,1091,637.6875,1450&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=4231310176&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705502735639&rpt=548&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6874192-41&cid=1281492989.1705502733&jid=1822797340&gjid=722722363&_gid=775211254.1705502734&_u=6CDACEABBAAAACAAI~&z=1074453519
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Jan 2024 14:45:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6874192-41&cid=1281492989.1705502733&jid=1822797340&_u=6CDACEABBAAAACAAI~&z=1915356978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401100101&jk=3821249020643984&bg=!NDelN3jNAAa8BdJLnAU7ADQBe5WfOFYVHsVP7E6SNt56VPbL0kAIX2etNrZAwWlDBwxPmpcIumypyFy9kBXvZhlZVA_fAgAAAG1SAAAABGgBB5kCv0m1b9U-t5lK0p-0am63vunCR7XT72RS3R7i_SBTfRG66BX-aLH1qxFu99kqU52ODKp9mbK8wuJHB6kT4GsJOFQtV1CXZEgqvXGvdthb8ACZHSWyufaWztp0TfbPMugRh8Rq84TAzQP7uS1CbozYuzcha5RVwX_M2eq8kwiEkmkhJPVtvuZHF83ryf1O2CPgjFCaSWhkJOgr7CAGVEX6UjqJuZUljtKMxGNcl2XdaZljIS2LgBVXhoGW9z-WINP4gzmxlpz-jr3jaerEymuo0VKVtDl3EnxIQIC-mf4E4iLo5CdjUOPAL4y7XsiQBk5VT8PcMgFboGJMllbcpEkMDhdP0GvMvhjpXbkeEmCkbIbUD6FJ0DXgCs213e7fN5yMh87m6HtRSftGSLgvvPKCtEx_v7kynPoIQuINU7h64mJqkKqhD1zXwAyp7hI0mnXFbrN3DkYb69FwTOhdiPo170-kJ09gaPXqSTWC4SLh25u88nFYGnaD8e67HT2JoFsdsP-wEb9w3a97G44gUdv8E68DwVMi82oHFMx6fHHFaZlQrZKI-r_RDICZ_1UiN_2YnvUEYJkDGImsvDZP2qXz9XsmZLrZr4oIXGcAC29f6vWlMvPgEZp4fOhz4ofbJ4GEm3GjmB3aqqU6HhOlOowSjUF6XGv10ie4rTOLPjD-MSdAigaJB87Taa8K3X46SroZYoqMzGPevS6Q_tFBeVkmk2j0asn_Piom_ukW-2LgmalszsxoniFymH41aVq5C3GoCik6dl259svPED7Dr_pmPNCjqnCm7sHR3Ny02CkUiojBNfNmt_tNQlKPVITtFPX1xfpPrkFFn_wJc0VbrUS_vpgR3-U79u7ETlxliooH4i4t6NnaIi5-qKiJtJdYhJjZMx7tkafkPjBSPqKnpfOKdmbnXNTciNpNTDuDfXJzwss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6391923355&bnId=138449496508&pId=%2F7971222%2FHomepage_D_1&timeOnScreen=2&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:38 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6489816892&bnId=138462006637&pId=%2F7971222%2FHomepage_D_4&timeOnScreen=2&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:38 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/foreignpolicy/homepage.1705075560.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
1ff49b12e5dd1a990f31c524f130094ac027c7481bc78c65860977a3ad24d491

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 14:45:38 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
94e3111844af325899261f3bd417a11a
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.s21.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:38 GMT
server
Google Frontend
x-cloud-trace-context
1c04deb968442ab787a1ae9e74cd5031
ixmatch.html
js-sec.indexww.com/um/ Frame C276 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
118
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
846f621da865da67-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Wed, 17 Jan 2024 18:45:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
addkt-d.openx.net/w/1.0/ Frame 2E99
Redirect Chain
  • https://addkt-d.openx.net/w/1.0/pd
  • https://addkt-d.openx.net/w/1.0/pd?cc=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://addkt-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e7ace1bcb75bce2ca3c6cf1b90d369cc45457485b54bb0793552c481d8acb61a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
733
content-type
text/html
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 17 Jan 2024 14:45:40 GMT
location
https://addkt-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 289F 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Jan 2024 14:45:40 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2312 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90032
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Thu, 18 Jan 2024 15:46:12 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9664 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 17 Jan 2024 14:45:40 GMT
ETag
"623de86a-cf34"
Expires
Thu, 18 Jan 2024 14:45:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: s.lngtdv.com
URL: https://s.lngtdv.com/prebid/foreignpolicy/prebid8.30.0.1705075539.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
95248706ce41c107d1f0788863f0d36476a80a317b705ec54397f1688475894d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1339
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 17 Jan 2024 14:45:40 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=1de3d188-5003-40b3-a1d5-bdd061ea67ba&google_hm=MWRlM2QxODgtNTAwMy00MGIzLWExZDUtYmRkMDYxZWE...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMTUB1_4jsMSxu3wa0LitI0&google_cver=1&ssp=themediagrid&bsw_param=1de3d188-5003-40b3-a1d5-bdd061ea67ba
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMTUB1_4jsMSxu3wa0LitI0&google_cver=1&ssp=themediagrid&bsw_param=1de3d188-5003-40b3-a1d5-bdd061ea67ba
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMTUB1_4jsMSxu3wa0LitI0&google_cver=1&ssp=themediagrid&bsw_param=1de3d188-5003-40b3-a1d5-bdd061ea67ba
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6391923355&bnId=138449496508&pId=%2F7971222%2FHomepage_D_1&timeOnScreen=4&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
collect
t.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://admin.s21.lol
Date
Wed, 17 Jan 2024 14:45:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
usermatch
ssum-sec.casalemedia.com/ Frame 41FF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
898 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d4e7687f6f9432a385cd64ab89023eed8194b77ed840389c28385358bc958c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
846f621e8d776dd4-MIA
content-encoding
br
content-type
text/html
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFSbWNvK25H17Uim%2B%2BGYzjcRWCCdkKSSuJ2J7SKb%2BjK%2BIJMXGRZReW%2FwQNhIpAl51QYPl%2BFYGljNrJa3H5boi1vWtE%2Fz5MrzcKAR0rjqLtkjOFRJdC448LZ27W9qf06oYjcEcZu5fvbNcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
846f621e1ce56dd4-MIA
content-length
0
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
0
location
/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbSnAOWPnt2MDMHzwlmK3GUZkqZ0oLhBNHAobsQNM07aJ9843Sck2lreDLareiZfSuH46GgQniI0iusI4cglZtsLwqHXedIQ67W20oXH1gH8sNSyhwwVWTZjjihB8PzBPRDKNZ7MVSwtMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/58294/ Frame 2E99
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=3ef9f5e6-fc55-05ae-3390-147f5fa5e1c3
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=3ef9f5e6-fc55-05ae-3390-147f5fa5e1c3&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=3ef9f5e6-fc55-05ae-3390-147f5fa5e1c3&verify=true
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=3ef9f5e6-fc55-05ae-3390-147f5fa5e1c3&verify=true
date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 2E99
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=45fb0909-e978-0987-3fce-5586f19d7472
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokNDVmYjA5MDktZTk3OC0wOTg3LTNmY2UtNTU4NmYxOWQ3NDcyEAAaDQiU0J-tBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=94f23be42d2515cecd7a77d483690c33ba81caa75bdee39da519dae28f2318c3791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=94f23be42d2515cecd7a77d483690c33ba81caa75bdee39da519dae28f2318c3791426b5417dce21&rand=02541895
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=94f23be42d2515cecd7a77d483690c33ba81caa75bdee39da519dae28f2318c3791426b5417dce21&rand=02541895
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 82A308D468A84193A9A494CE26E4AD2B Ref B: MIAEDGE2717 Ref C: 2024-01-17T14:45:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPJU0GidCIDjY7KRyLaQ==

Redirect headers

date
Wed, 17 Jan 2024 14:45:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=94f23be42d2515cecd7a77d483690c33ba81caa75bdee39da519dae28f2318c3791426b5417dce21&rand=02541895
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 2E99
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5422553912594021682
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5422553912594021682
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
an-x-request-uuid
b36c9819-7f2b-47cb-bbce-4e6a46999b83
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5422553912594021682
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2E99
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 2E99
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZafoFAAPMivl1ABH
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZafoFAAPMivl1ABH&_test=ZafoFAAPMivl1ABH
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZafoFAAPMivl1ABH&_test=ZafoFAAPMivl1ABH
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760020-MIA
pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705502740.386858,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZafoFAAPMivl1ABH&_test=ZafoFAAPMivl1ABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
84fa102b-b493-adae-5160-c3803751d8e3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 2E99 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/84fa102b-b493-adae-5160-c3803751d8e3?gdpr=0
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 2E99
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=48eb0a12-3895-841d-a0b9-57e2a035de4a
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=48eb0a12-3895-841d-a0b9-57e2a035de4a&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=48eb0a12-3895-841d-a0b9-57e2a035de4a&dcc=t
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XB7KRK68X08D60DTXKNZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3B7V9QEM9RWDJZ8XRDE1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=48eb0a12-3895-841d-a0b9-57e2a035de4a&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2E99
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=103d766f-243f-3fe7-60b7-d575c80615aa&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=103d766f-243f-3fe7-60b7-d575c80615aa&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=103d766f-243f-3fe7-60b7-d575c80615aa&gdpr=0&gdpr_consent=
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=103d766f-243f-3fe7-60b7-d575c80615aa&gdpr=0&gdpr_consent=
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 2E99 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2M1MmE1YTUtZWQ0OC02MTQzLTc1NTctOGZjYzAyZTRkYmNh
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2E99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyG4ljB4vrSvG5Xkbp0iUE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyG4ljB4vrSvG5Xkbp0iUE&google_cver=1
Requested by
Host: addkt-d.openx.net
URL: https://addkt-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://addkt-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyG4ljB4vrSvG5Xkbp0iUE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 289F 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
201fe79ea95392b63726ff87a1e14e14c2580cd488c89ff015922cd715e1b0ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:45:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jan 2024 03:53:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47306
Connection
keep-alive
Content-Length
10963
Expires
Thu, 18 Jan 2024 03:54:06 GMT
xuid
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1c95ae01-40fe-4041-9062-cd8934fc2a2e&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1c95ae01-40fe-4041-9062-cd8934fc2a2e&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=1c95ae01-40fe-4041-9062-cd8934fc2a2e&dongle=0cfd&gdpr=0&gdpr_consent=
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MjA3MTQzMzIzMDY4NTkwOTMx
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAVRZ2Air3PAPxPGQUU0wBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAVRZ2Air3PAPxPGQUU0wBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAVRZ2Air3PAPxPGQUU0wBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0329
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MjA3MTQzMzIzMDY4NTkwOTMx
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MjA3MTQzMzIzMDY4NTkwOTMx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MjA3MTQzMzIzMDY4NTkwOTMx
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 0329 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=225207143323068590931&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:39 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: AF338FC445084F39B32F78014C325027 Ref B: MIAEDGE2717 Ref C: 2024-01-17T14:45:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPJU0AbJA/EiNzt3sSPw==
xuid
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/225207143323068590931?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Oj_BWu1E2oS0Y2zWdj0ooz76fxjWyiaGAAWg035d_Q--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Oj_BWu1E2oS0Y2zWdj0ooz76fxjWyiaGAAWg035d_Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Oj_BWu1E2oS0Y2zWdj0ooz76fxjWyiaGAAWg035d_Q--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=225207143323068590931&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4336018554955098065&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1de3d188-5003-40b3-a1d5-bdd061ea67ba&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=1de3d188-5003-40b3-a1d5-bdd061ea67ba&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=1de3d188-5003-40b3-a1d5-bdd061ea67ba&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 17 Jan 2024 14:45:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=91b365df-315a-4bb6-aafb-0089d1a60ff6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=91b365df-315a-4bb6-aafb-0089d1a60ff6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:39 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=91b365df-315a-4bb6-aafb-0089d1a60ff6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1577133
content-length
0
expires
Wed, 17 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0329
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=280428771345290224&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=280428771345290224&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
an-x-request-uuid
f807b4bc-b188-4a1d-9279-9869fe4b6647
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=280428771345290224&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 0329 		43 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=225207143323068590931
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
an-x-request-uuid
ccc7fd33-5248-455c-a926-925d392852f5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2312 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51376199&p=160037&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fbd3a61300e171c3faf306c6df2d438e171ea0c407c977fdb71c8323d251fc16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame 41FF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZafoFHJh0SIqlKG6IcEKLQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0stesGUj8suQ341K5_UhY&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0stesGUj8suQ341K5_UhY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpDYPDFMsNW1HuQAwE%2B5G4%2FWKO67JRkefdQ%2FitR6ATQCOL%2FakHgwsSQ0H79l6JUUR0gQTraJd4En%2FSRPTiXRzsvbcxSP3d5BJSnQZI7gSF74ffRyC%2FGZDmuk9B8KuXvoyTBI3c5sT7K5Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f622079e9db2d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0stesGUj8suQ341K5_UhY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 41FF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8YV83FPY7QK06XS35X60
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0AAPYJ88N8XHAS2QFPER
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
pippio.com/api/ Frame 41FF
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZafoFHJh0SIqlKG6IcEKLQAA%261692&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3722499249143144507
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f24dd1ce-25f3-41d9-856c-3859e35707c3
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=68c1c10d-9882-42f8-b979-b7bc5b638b6c%3A1705502741.02463&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D68c1c10d-9882-42f8-b...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377156005274791&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D68c1c1...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=68c1c10d-9882-42f8-b979-b7bc5b638b6c%3A1705502741.02463&pid=500040&it=1&iv=68c1c10d-9882-42f8-b979-b7bc5b638b6c%3A1705502741.02463&_=1705502...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1705502741.0275428&iv=68c1c10d-9882-42f8-b979-b7bc5b638b6c:1705502741.02463
42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1705502741.0275428&iv=68c1c10d-9882-42f8-b979-b7bc5b638b6c:1705502741.02463
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:41 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1705502741.0275428&iv=68c1c10d-9882-42f8-b979-b7bc5b638b6c:1705502741.02463
Date
Wed, 17 Jan 2024 14:45:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
usermatchredir
ssum-sec.casalemedia.com/ Frame 41FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZafoFHJh0SIqlKG6IcEKLQAABpwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELLBGAqyV-HgjZnJBpdq-Eo&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELLBGAqyV-HgjZnJBpdq-Eo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVcs%2BNO7GzaR8JDCdWDfQTTTlZj82h4CwZKqx29hvKd3%2F2vsUQZjo9kiSMfzO1yqrqlDwa7s%2BC3Kq5dePRNkg0CWNuHEOfvXqOsrtw9g7iCRg%2Fap7izendvDi%2F0WLIM0gfsS%2BmuIMnv6vw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f621fe8d8db2d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELLBGAqyV-HgjZnJBpdq-Eo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 41FF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=17DE507BB70C4FB898E3CA2D93F8F320
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=17DE507BB70C4FB898E3CA2D93F8F320
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaVz3QuMKlvbE5XPV%2B5Nktykm0NKwtnAw4jHJjNQ89HPhiQ0a4Sqj9H2bLUNmK1mZN8nSoQiG3o12LHIQou%2Blp9Oxuq87q808mvDMYummLeHO1FnNoKMLthlmonnrdeCJXZLTV1LipdswA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f622089efdb2d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=17DE507BB70C4FB898E3CA2D93F8F320
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 16 Jan 2024 14:45:40 GMT
crum
dsum-sec.casalemedia.com/ Frame 41FF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4822173424027145722&gdpr=0&gdpr_consent=
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4822173424027145722&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyzEIgwBm9h1jzEHBfwnY%2B%2FmtRYsP8uHl5o7aZthvYgryLsketnh5cNqtXcDTnQ08YZisiWZTRIOGxvUd9IMBhp5mpO2KGOdkihJJU%2F1FPNEIx1I8NBNRzITWl8zX3%2ByHfgBaIRh7FBpAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f62213af9db2d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4822173424027145722&gdpr=0&gdpr_consent=
date
Wed, 17 Jan 2024 14:45:39 GMT
content-length
0
rum
r.casalemedia.com/ Frame 41FF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uY1x6fLCsEDFlM0SbdE1ytt0NqjhJaqpBP9wpygSEQhzeAVjVR2Y4u%2FlNNHCMl1yBjqF2WuWVZnYbNMTfEWl%2BKMEsxn7a3YYa3%2FJeMYySoZ%2Btgb%2BQ%2F6LS%2FsGbOjTCLa5hxtC"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f6221b9886dd4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum.casalemedia.com/ Frame 41FF
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4e3250c2b4fe11e2&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGWnVnu6PP0gMMqU7zAAAAAAA&expiration=1705589140&is_secure=true
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGWnVnu6PP0gMMqU7zAAAAAAA&expiration=1705589140&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ%2FxTesHBVd7SHDPc0MJamXECnKkMwm1Uqp%2F3FqJV9koMwXkIoce93a73CBrS2xdkB7VHsF%2BHjplz7u4HQus2%2F5AhcN9w9VWdivil2UzdFXN5%2BcKLh0%2BPqzVAibp%2Bb%2FUetHMeaw1"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f622209cd6dd4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGWnVnu6PP0gMMqU7zAAAAAAA&expiration=1705589140&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 41FF 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZafoFHJh0SIqlKG6IcEKLQAA%261692
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
12625
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
846f621f2b69da67-MIA
content-length
43
expires
Thu, 18 Jan 2024 14:45:40 GMT
async_usersync
ib.adnxs.com/ Frame 9664 		0
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
an-x-request-uuid
a35cd143-5b92-42c0-9a40-8b04955e7a48
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 289F 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?location=https%3A%2F%2Fadmin.s21.lol%2F&adId=6489816892&bnId=138462006637&pId=%2F7971222%2FHomepage_D_4&timeOnScreen=4&ckp=lrhwaj9zuu9prvvb&rnd=lrhwaj9z2qpjezfr&siteId=beVmoi3WRm&source=ci&cCreatedAt=2024-01-16T00%3A00%3A00.000Z&cAuthor=Foreign%20Policy&cTags=Books%2Chomepage_regional_americas%2Chomepage_regional_asia%2Chomepage_regional_china%2Chomepage_regional_europe%2Chomepage_regional_middle_east_africa&cType=article&t=Foreign%20Policy
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame EF00 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A86775D2-3BBA-4AD4-84DC-BD63429E9315&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 17 Jan 2024 14:45:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AZ8TKHXCXXHKSCWPX4B4
Pug
simage2.pubmatic.com/AdServer/ Frame 95B8
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=15bb5b50-b547-11ee-a8a7-513fb37e1806
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=15bb5b50-b547-11ee-a8a7-513fb37e1806
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=15bb5b50-b547-11ee-a8a7-513fb37e1806
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-6
Pug
image2.pubmatic.com/AdServer/ Frame 5E07
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFTElrN0xUOUFBQUJNSXJUb3RLUQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AAEUJU7LT9AAABLZ13GuhQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AAEUJU7LT9AAABLZ13GuhQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEUJU7LT9AAABLZ13GuhQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEUJU7LT9AAABLZ13GuhQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=4822173424027145722&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEUJU7LT9AAABLZ13GuhQ&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEUJU7LT9AAABLZ13GuhQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:34:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 17 Jan 2024 14:45:42 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEUJU7LT9AAABLZ13GuhQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame ED5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=280428771345290224&gdpr=0&gdpr_consent=
42 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=280428771345290224&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
b5380bb1-c042-468c-840a-f521dd668e7c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=280428771345290224&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 2FDA 		85 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760020-MIA
x-timer
S1705502741.520528,VS0,VE26
141
match.deepintent.com/usersync/ Frame 7230 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 327C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=1de3d188-5003-40b3-a1d5-bdd061ea67ba
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=1de3d188-5003-40b3-a1d5-bdd061ea67ba
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=db2caf27-d121-40fd-b5cd-cfe91988f726&expires=3&user_group=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1de3d188-5003-40b3-a1d5-bdd061ea67ba&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1de3d188-5003-40b3-a1d5-bdd061ea67ba&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 17 Jan 2024 14:45:40 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1de3d188-5003-40b3-a1d5-bdd061ea67ba&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 545B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:36:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 4279
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Y4hkYc3S1Rq7aI5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Y4hkYc3S1Rq7aI5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:23:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 17 Jan 2024 14:45:40 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Y4hkYc3S1Rq7aI5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-08966fae379fb4d30@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F616
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
42 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:36:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 17 Jan 2024 14:45:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 3D84
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=41692910-2d4d-4b79-9a49-4a5f450a4f42&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A86775D2-3BBA-4AD4-84DC-BD63429E9315
42 B
499 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A86775D2-3BBA-4AD4-84DC-BD63429E9315
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.17.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-17-237.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Wed, 17 Jan 2024 14:45:40 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 17 Jan 2024 03:34:33 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A86775D2-3BBA-4AD4-84DC-BD63429E9315
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame 4B2F 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame AA9D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Wed, 17 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1657262
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 7E61
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156005274791
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156005274791
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 17 Jan 2024 14:45:40 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377156005274791
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
s.tribalfusion.com/z/ Frame B122
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
846f62224cf60321-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
846f62215be90321-MIA
content-type
text/html
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
2954
Pug
image2.pubmatic.com/AdServer/ Frame 1192
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU21cc52f003df4f959f7c44e479506b6b
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU21cc52f003df4f959f7c44e479506b6b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU21cc52f003df4f959f7c44e479506b6b
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame D9C7
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 03:37:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 17 Jan 2024 14:45:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2312
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qGd10ju6StSE3L1jQp6TFQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90032
accept-ranges
bytes
content-length
5622
expires
Thu, 18 Jan 2024 15:46:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 2312
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A86775D2-3BBA-4AD4-84DC-BD63429E9315
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=A86775D2-3BBA-4AD4-84DC-BD63429E9315
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1f74a0b1-7e94-4c5c-a840-0b41e167d946%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=1f74a0b1-7e94-4c5c-a840-0b41e167d946%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=1f74a0b1-7e94-4c5c-a840-0b41e167d946%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1c95ae01-40fe-4041-9062-cd8934fc2a2e&ttd_puid=1f74a0b1-7e94-4c5c-a840-0b41e167d946%2C%2C
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 2312 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A86775D2-3BBA-4AD4-84DC-BD63429E9315&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 2312 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTg2Nzc1RDItM0JCQS00QUQ0LTg0REMtQkQ2MzQyOUU5MzE1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:38:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPjeGY1oCaj-Q7teQTY-SJk&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPjeGY1oCaj-Q7teQTY-SJk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:36:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPjeGY1oCaj-Q7teQTY-SJk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2456B774863A43B2958C9759FEA5475C
42 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2456B774863A43B2958C9759FEA5475C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2456B774863A43B2958C9759FEA5475C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 16 Jan 2024 14:45:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=
42 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Kestrel
content-length
355
A86775D2-3BBA-4AD4-84DC-BD63429E9315
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2312 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A86775D2-3BBA-4AD4-84DC-BD63429E9315?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mVkp5alE2uXvsPKrtMWW.By241PHNs8-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mVkp5alE2uXvsPKrtMWW.By241PHNs8-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mVkp5alE2uXvsPKrtMWW.By241PHNs8-~A&gdpr=0
date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49c301ab-444e-46a5-99ca-981254395458&gdpr=0&gdpr_consent=
1 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49c301ab-444e-46a5-99ca-981254395458&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 03:03:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49c301ab-444e-46a5-99ca-981254395458&gdpr=0&gdpr_consent=
Date
Wed, 17 Jan 2024 14:45:40 GMT
Connection
keep-alive
X-CI-RTID
f53cafda-003f-4727-b31e-5920c889db1a
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=26a6cda8e160124e&is_secure=true&networkId=17100&version=1&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVl1NnQV8AN4WsepAAAAAAA&expiration=1705589140&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&...
42 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVl1NnQV8AN4WsepAAAAAAA&expiration=1705589140&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:37:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVl1NnQV8AN4WsepAAAAAAA&expiration=1705589140&nuid=A86775D2-3BBA-4AD4-84DC-BD63429E9315&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 2312 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.139.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-139-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
42 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 03:34:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
1 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 14:45:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3722499249143144507&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame 2312
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10F6F5627_2EC37B79&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-388507540; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:40 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-388507540; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 17 Jan 2024 03:23:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2312
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=WmmfhunWtegk6uOaE88_5wdz5udIAFsZqwNX-zHGVZs&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=WmmfhunWtegk6uOaE88_5wdz5udIAFsZqwNX-zHGVZs&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 17 Jan 2024 14:45:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=WmmfhunWtegk6uOaE88_5wdz5udIAFsZqwNX-zHGVZs&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Wed, 17 Jan 2024 14:45:41 GMT, Wed, 17 Jan 2024 14:45:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-T5CKP06L0Y&gtm=45je41a0v867730941&_p=1705502732210&gcd=11l1l1l1l1&dma=0&cid=1281492989.1705502733&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&uid=&sid=1705502733&sct=1&seg=0&dl=https%3A%2F%2Fadmin.s21.lol%2F&dt=Foreign%20Policy%20%E2%80%93%20the%20Global%20Magazine%20of%20News%20and%20Ideas&_s=3&tfd=9424
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5CKP06L0Y&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.s21.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 289F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc4MWM5M2VhZjc2ZDM1MmZlM2RjMTY0OTEyNDk0OGE5NTA1MWUwZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc4MWM5M2VhZjc2ZDM1MmZlM2RjMTY0OTEyNDk0OGE5NTA1MWUwZA
Protocol
H3
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc4MWM5M2VhZjc2ZDM1MmZlM2RjMTY0OTEyNDk0OGE5NTA1MWUwZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 289F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3JDN8942SAVBJ660JZA3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 289F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1c95ae01-40fe-4041-9062-cd8934fc2a2e&gdpr=0&gdpr_consent=&expires=30
date
Wed, 17 Jan 2024 14:45:40 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 289F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDIPeBcGW741sJuwHSpNEsA&google_cver=1
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDIPeBcGW741sJuwHSpNEsA&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDIPeBcGW741sJuwHSpNEsA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 289F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IYR0igaxTiG5a7BNr1jgsg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IYR0igaxTiG5a7BNr1jgsg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IYR0igaxTiG5a7BNr1jgsg
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8AJK0BAQBG2AH8EX6H5P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IYR0igaxTiG5a7BNr1jgsg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 289F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v22zBjhlzcWQLuzEV-T8U8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qv0KCqhE2oK.97.gOH8.IrOr2KhWSGPmJqA5mg--~A
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qv0KCqhE2oK.97.gOH8.IrOr2KhWSGPmJqA5mg--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qv0KCqhE2oK.97.gOH8.IrOr2KhWSGPmJqA5mg--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 289F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRHWAKGY-1X-FPV7&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRHWAKGY-1X-FPV7&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G5G3XF3XRE8ZXQCAKQ20
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRHWAKGY-1X-FPV7&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
pixel
cm.g.doubleclick.net/ Frame 289F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJIV0FLR1ktMVgtRlBWNw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDeUL_oIdcHV7IwnASW7TeE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJIV0FLR1ktMVgtRlBWNw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJIV0FLR1ktMVgtRlBWNw==&google_push=
Protocol
H3
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJIV0FLR1ktMVgtRlBWNw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
setuid
px.ads.linkedin.com/ Frame 289F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRHWAKGY-1X-FPV7
0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRHWAKGY-1X-FPV7
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5B7940A021B143D08A22B86E3E49610C Ref B: MIAEDGE2717 Ref C: 2024-01-17T14:45:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPJU0KsIMK4nIz8ndp0A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRHWAKGY-1X-FPV7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 289F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUJU7LT9AAABLZ13GuhQ&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUJU7LT9AAABLZ13GuhQ&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUJU7LT9AAABLZ13GuhQ&expires=30
Date
Wed, 17 Jan 2024 14:45:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 289F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRHWAKGY-1X-FPV7
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRHWAKGY-1X-FPV7
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRHWAKGY-1X-FPV7&ckls=true&ci=DW2B6kXHpv&nc=false&trid=405062117
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRHWAKGY-1X-FPV7&ckls=true&ci=DW2B6kXHpv&nc=false&trid=405062117
Protocol
H2
Server
18.164.96.92 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:41 GMT
via
1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Pooudwtp1Fjt_rxGMDgl9LHTLKoKMjj1imGRax1k9t1Wa7kGNx3LPA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:41 GMT
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRHWAKGY-1X-FPV7&ckls=true&ci=DW2B6kXHpv&nc=false&trid=405062117
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
kSD5p6VbrnkjfKenkHZLgXtvaUlZDVIas9cNcw_xzJ7XOfZW16S05Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync
hb.yahoo.net/ Frame 289F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRHWAKGY-1X-FPV7&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRHWAKGY-1X-FPV7&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GM2M3THJKRTJ1RkFOOHBjZ1MyRXRkUDd1NDJvc0VrTH5B&ovsid=LRHWAKGY-1X-FPV7&dpid=58160
57 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GM2M3THJKRTJ1RkFOOHBjZ1MyRXRkUDd1NDJvc0VrTH5B&ovsid=LRHWAKGY-1X-FPV7&dpid=58160
Protocol
H2
Server
23.40.179.147 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 17 Jan 2024 14:45:41 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Wed, 17 Jan 2024 14:45:41 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GM2M3THJKRTJ1RkFOOHBjZ1MyRXRkUDd1NDJvc0VrTH5B&ovsid=LRHWAKGY-1X-FPV7&dpid=58160
date
Wed, 17 Jan 2024 14:45:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 289F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LRHWAKGY-1X-FPV7
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LRHWAKGY-1X-FPV7
Protocol
HTTP/1.1
Server
63.251.86.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:45:41 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LRHWAKGY-1X-FPV7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 289F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRHWAKGY-1X-FPV7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRHWAKGY-1X-FPV7
Protocol
H2
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:41 GMT
an-x-request-uuid
e4286705-cebd-404e-9c9e-23371e332065
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRHWAKGY-1X-FPV7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
v1
match.sharethrough.com/sync/ Frame 289F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRHWAKGY-1X-FPV7
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRHWAKGY-1X-FPV7
Protocol
H2
Server
54.156.118.43 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRHWAKGY-1X-FPV7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 289F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRHWAKGY-1X-FPV7
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRHWAKGY-1X-FPV7
Protocol
H2
Server
147.75.195.77 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:41 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRHWAKGY-1X-FPV7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
async_usersync
ib.adnxs.com/ Frame 9664 		0
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:45:41 GMT
an-x-request-uuid
c01b9141-1ff3-4c33-9a1c-e059896c5140
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2312 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160037&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:45:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rp.liadm.com
URL
https://rp.liadm.com/j?dtstmp=1705502735007&did=did-0041&se=e30&duid=cf6fbbf099b5--01hmby4y50v04emtm028shawyj&pu=https%3A%2F%2Fadmin.s21.lol%2F&wpn=prebid
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 function| setNptTechAdblockerCookie object| script object| cX object| ari object| googletag object| OBREvents undefined| __pctx_connection__ object| FP object| lazySizesConfig object| _wpemojiSettings function| ES6Promise function| FontFaceObserver function| gtag object| dataLayer function| twq object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| wpParselyHooks object| PARSELY object| BlockAdBlock object| blockAdBlock object| twttr function| $ function| jQuery object| pianoData object| fpLiveLocal object| fpUtilsLoc object| postDataPiano function| atcb_init function| atcb_parse_schema_json function| atcb_patch_config function| atcb_decorate_data function| atcb_check_required function| atcb_date_cleanup function| atcb_date_calculation function| atcb_validate function| atcb_generate function| atcb_generate_dropdown_list function| atcb_generate_bg_overlay function| atcb_toggle function| atcb_open function| atcb_close function| atcb_action function| atcb_generate_google function| atcb_generate_yahoo function| atcb_generate_microsoft function| atcb_generate_teams function| atcb_generate_ical function| atcb_generate_time function| external_links_in_new_windows_loop function| external_links_in_new_windows_load object| utils object| _ForeignPolicy_ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| newslettersLocal object| takeoverSettings object| onboardingLocal object| chartbeatData object| myFpAlertsLoc object| isMobile function| getParameterByName function| storeArchiveLink function| getArchives function| showArchives object| socialshares object| _stq function| st_go function| linktracker_init object| wpcom object| __cfBeacon object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq undefined| fs function| clarity object| marfeel string| GoogleAnalyticsObject function| ga object| twemoji function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| tp object| amplitudeGTM object| amplitude function| _amplitude function| UET function| UET_init function| UET_push object| ueto_ed93ced328 object| uetq function| onYouTubeIframeAPIReady object| GooglebQhCsO object| gaGlobal function| setGoogleTagConfig boolean| pianoReady function| ___tp object| lngtd object| pbjs object| recaptcha object| closure_lm_858021 object| gaplugins object| gaData function| lintrk boolean| _already_called_lintrk object| Sailthru object| analyticsConnectorInstances function| cxCCE_callQueueExecute object| cxTest object| clarityuetq object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| PianoESPConfig object| _qevents object| _aps object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet object| liQ_instances object| confiant object| Criteo object| ORIBILI function| quantserve function| __qc object| ezt object| _qoptions boolean| apstagLOADED object| apstag object| ggeac object| google_js_reporting_queue object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am boolean| creativeVendorLibraryLoaded undefined| google_measure_js_timing number| google_unique_id undefined| cXJsonpCB1 object| sas object| apntag object| _ADAGIO object| ID5 function| clearImmediate function| setImmediate object| ats object| __id5_instances object| PublisherCommonId object| ONFOCUS function| confiantDfpWrap object| _sf_async_config object| _cbq object| GoogleGcLKhOms object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| google_image_requests

203 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQgZ6Kv9ExCgoIkQIQgZ6Kv9ExCgoItAIQgZ6Kv9ExCgoI5gEQgZ6Kv9ExCgoIhwIQgZ6Kv9ExCgoItwIQgZ6Kv9ExCgkIOhCBnoq_0TEKCgiMAhCBnoq_0TEKCQhfEIGeir_RMQoJCB8QgZ6Kv9Ex
.liadm.com/p Name: lidid
Value: f24dd1ce-25f3-41d9-856c-3859e35707c3
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARD_FgoGCKIBEP8W
admin.s21.lol/ Name: fontsLoaded
Value: true
.s21.lol/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://admin.s21.lol/%22%2C%22sref%22:%22%22%2C%22sts%22:1705502732662%2C%22slts%22:0}
.s21.lol/ Name: _parsely_visitor
Value: {%22id%22:%22pid=2f7e1165e33cb957b9ac902599d645ab%22%2C%22session_count%22:1%2C%22last_session_ts%22:1705502732662}
admin.s21.lol/ Name: __adblocker
Value: false
.t.co/ Name: muc_ads
Value: 75ccca88-5750-4a7d-9ba9-43fbf4372367
.twitter.com/ Name: personalization_id
Value: "v1_Fzc4K6ZixiuV1GawlKTtDQ=="
.s21.lol/ Name: _gcl_au
Value: 1.1.1099845309.1705502733
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170550273300451607
.twitter.com/ Name: guest_id_ads
Value: v1%3A170550273300451607
.twitter.com/ Name: guest_id
Value: v1%3A170550273300451607
www.clarity.ms/ Name: CLID
Value: 04de0d8dafad4fb486de961cd52b377f.20240117.20250116
.s21.lol/ Name: _uetsid
Value: 113c5c10b54711ee8f7c1d930f7ff223
.s21.lol/ Name: _uetvid
Value: 113c7290b54711eead31f181a8e870e1
.bing.com/ Name: MUID
Value: 2B550B4690B3683404241F4F91AF69BF
.bat.bing.com/ Name: MR
Value: 0
.s21.lol/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmATgHYATABZeADm7COAVin8O4kAF8gA
.s21.lol/ Name: _pcid
Value: %7B%22browserId%22%3A%22lrhwaj9zuu9prvvb%22%7D
.s21.lol/ Name: _ga
Value: GA1.2.1281492989.1705502733
.s21.lol/ Name: _gid
Value: GA1.2.775211254.1705502734
.s21.lol/ Name: _gat_UA-6874192-49
Value: 1
.s21.lol/ Name: _gat_UA-6874192-41
Value: 1
admin.s21.lol/ Name: sailthru_pageviews
Value: 1
.s21.lol/ Name: AMP_MKTG_c486c28a0e
Value: JTdCJTdE
id.tinypass.com/ Name: AWSELBCORS
Value: D54D83371CA73269B30D9CD8F7A2329AB776287862FCE91E7BF76200B4A16455FD1923C6484995A7F618C9A4D114CCD4BABA503113D71BD8C76855B9BF795793F8CE5FD856
.linkedin.com/ Name: li_sugr
Value: 29803285-2e37-48d9-89de-22e43f506682
.linkedin.com/ Name: bcookie
Value: "v=2&a4b4e2c7-978e-4041-80bb-86eeb7cac974"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3118:u=1:x=1:i=1705502733:t=1705589133:v=2:sig=AQFvG9NZP6GQ24NB-JY6ilhhHn-ZP_Zg"
.s21.lol/ Name: _clck
Value: m9k6g7%7C2%7Cfih%7C0%7C1477
.s21.lol/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1705502733%2C%22currentVisitStarted%22%3A1705502733%2C%22sessionId%22%3A%221032cbe6-18bd-4753-bf82-43c22d15927e%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//admin.s21.lol/%22%2C%22referrer%22%3A%22%22%7D
.s21.lol/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1705502733%2C%22userId%22%3A%2275694ab4-5f20-4432-8961-af5c4b2fc82f%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1705502733%2C%22timesVisited%22%3A1%7D
.s21.lol/ Name: compass_uid
Value: 75694ab4-5f20-4432-8961-af5c4b2fc82f
.s21.lol/ Name: AMP_c486c28a0e
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI3YjNiMzlhMS00YTI2LTRiMWItYjBlNy0xMmM5OTIzMDcyNmElMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzA1NTAyNzMzNzAyJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcwNTUwMjczMzkwOSUyQyUyMmxhc3RFdmVudElkJTIyJTNBMiU3RA==
.linkedin.com/ Name: UserMatchHistory
Value: AQK8T1uTMoW1BQAAAY0X4nYyKXSjVzsU1tpXcqKwhjPdHNURcWJ4rC7YvKbahOXt0amvGa53VuLxaw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJvrkf7rwDizQAAAY0X4nYynu0khSEzoGnhQK7Z-K0EL-dCuTTqxZKnEr2rwe8Sw8pb81VRgJ09_2SyeMdLzg
.s21.lol/ Name: __pid
Value: .s21.lol
admin.s21.lol/ Name: __pnahc
Value: 0
.s21.lol/ Name: _fbp
Value: fb.1.1705502733963.1357983515
.s21.lol/ Name: _ga_1T05LPL754
Value: GS1.2.1705502734.1.0.1705502734.60.0.0
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024011714453385ee2b51-9691-44ba-8592-97460464a42fAQFUq17y6PQHG-63ftOuPPMehVOvMuu7"
admin.s21.lol/ Name: sailthru_content
Value: 50bda2290b50a080f9fa7a13ef731b90
admin.s21.lol/ Name: sailthru_visitor
Value: 4e9d22fd-b6e8-4b6c-95c8-e32fd1d75dd1
.piano.io/ Name: __cf_bm
Value: Nf6yK_7Yf.u35q21URLpL_TW_n0ZcAEiOlnRg8toeLs-1705502734-1-AaonVNwxSEOmK0MHMYK4SjZn/iVwtJC++zcCwaJVaeCD95CuGlg/BmTNBqcrf+jKXXyPhdn1TkCd+BucLl1kcaA=
.s21.lol/ Name: __tbc
Value: %7Bkpex%7DibnTpZo2R6-K3MxHzkPXFEc3jMLmL1XtXpVu3AY94g1PaPMWzVO6KzLLCo29a96X
.s21.lol/ Name: __pat
Value: -18000000
.s21.lol/ Name: __pvi
Value: eyJpZCI6InYtbHJod2FqYWZodnBvZ2FobCIsImRvbWFpbiI6Ii5zMjEubG9sIiwidGltZSI6MTcwNTUwMjczNDE3Mn0%3D
.s21.lol/ Name: xbc
Value: %7Bkpex%7DCJ38P4MLMQvGzwHFVG-gdlc1Pg6xR-BQHe66Po9kmgTA99FfXyssBPGFiygG0AoGNqX5ZGgMHjFkPBr7ftweiwSYIY06tJqRsCRiX943ddwqw4fWPhKq4xu2g6ZJU9BXL-SjQKvDP47qp_XujP4oJTr9qYqFb39hT0eSIp2IBXXARgG17TV3bgdEZdgVrDKelsw3jKVLDkIhOwzd82HxoppozTkNMMhOkKP9ko5h6JaqgWpZqI5JngKbJ_sbTJq80oR4iQIZCLZsLnoO_cIKdwRK_ZRar6oUTUWTSP_vTvGwBsw3CYIPoAy1njoToEt6cxtPOo45mBTxS8A8QDq3oc6vr4IwwkVQlC0DAfw_SkhFjBCSR9yCgrJpNMFYEz052VisdVbkHsUiJaUPG1IxrLq65q1_9u4FhRgaWB9VQzXnHjmxg4dAwFe0XOwkGktBbIsmHtplwAtHcHOunF9E4hPEpDBYk65g7Naz6rYa5M552-sWLknZhZYI4guMkLvSRpRwrLZK4Qr2Z5XzDTXL-A
.s21.lol/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOnsiQ09NUE9TRVIxWCI6eyJzZWdtZW50cyI6WyJMVHM6NDYwYWNjNTI5ZDFkOTZmN2YyYWM0MWJkZDc4NGMxZjE5ZjA4N2IyZTpub19zY29yZSJdfX19
.s21.lol/ Name: cX_P
Value: lrhwaj9zuu9prvvb
.s21.lol/ Name: _clsk
Value: 4aer6x%7C1705502734219%7C1%7C1%7Ct.clarity.ms%2Fcollect
admin.s21.lol/ Name: lngtd-sdp
Value: 1
admin.s21.lol/ Name: lngtd-session
Value: 6b7e99ca-c1fb-4dfb-8b5d-cf2265a15079
events.newsroom.bi/ Name: 3439_u
Value: 75694ab4-5f20-4432-8961-af5c4b2fc82f
events.newsroom.bi/ Name: 3439_s
Value: 1032cbe6-18bd-4753-bf82-43c22d15927e
events.newsroom.bi/ Name: 3439_lv
Value: null
events.newsroom.bi/ Name: 3439_ut
Value: 0
.s21.lol/ Name: _li_dcdm_c
Value: .s21.lol
.s21.lol/ Name: _lc2_fpi
Value: cf6fbbf099b5--01hmby4y50v04emtm028shawyj
.s21.lol/ Name: _sharedID
Value: 62f14601-abe1-4f6c-9177-11f2586b1d20
.s21.lol/ Name: _sharedID_cst
Value: zix7LPQsHA%3D%3D
.33across.com/ Name: check
Value: true
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDID
Value: 1c95ae01-40fe-4041-9062-cd8934fc2a2e
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 924afc807ad5bab2c9d478fcee32cbc
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQtzQySUxLtjAwT0wxTUpMMkq2TDExt0hLTk01NkpOSmYAgtTlL%2FhANBQAAGhnC54%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXf6CD0hBAQAZjQID"
.liadm.com/ Name: lidid
Value: f24dd1ce-25f3-41d9-856c-3859e35707c3
.lijit.com/ Name: ljt_reader
Value: IAcViBZHRIV_-Q2kTl-qLsbv
.rubiconproject.com/ Name: khaos
Value: LRHWAKGY-1X-FPV7
admin.s21.lol/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%221c95ae01-40fe-4041-9062-cd8934fc2a2e%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-17T14%3A45%3A34%22%7D
admin.s21.lol/ Name: pbjs-unifiedid_cst
Value: zix7LPQsHA%3D%3D
.s21.lol/ Name: panoramaId_expiry
Value: 1705589134759
.s21.lol/ Name: _cc_id
Value: 924afc807ad5bab2c9d478fcee32cbc
.s21.lol/ Name: __li_idex_cache_e30
Value: %7B%22nonId%22%3A%22TFZcTGWDhvSJnb-CsQy0FLW4cjYlho3JmqQIjw%22%7D
.quantserve.com/ Name: mc
Value: 65a7e80f-1c127-3d3ee-60a97
.s21.lol/ Name: __qca
Value: P0-1007919912-1705502734758
.s21.lol/ Name: cto_bidid
Value: ctv6a19iQW0yeXF0bmJUWVdtTG5ub2pXTE52bHFlMG41bVklMkJyZ2hKY25yeWxhaExleEg5RllWdlolMkZ0OGQyUnJmZGtscWNnaGpyaFdUcERlRzNBYWVoVkV5TXclM0QlM0Q
.cxense.com/ Name: gckp
Value: 366b3f5bhko714egysj18c5hh
.s21.lol/ Name: cX_G
Value: cx%3A211omylnx7mq4fdbiq2rvst1u%3A3ukqhrpf2sqok
admin.s21.lol/ Name: _lr_geo_location
Value: US
admin.s21.lol/ Name: _lr_geo_location_state
Value: FL
.id5-sync.com/ Name: 3pi
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUmqKPoRA__DemGj2qOkVvJYpraQ4e0I63Y_ypIg_UKOVmoa9RYF16fbuAs4UpA
.s21.lol/ Name: __gads
Value: ID=a5403a3589b393e9:T=1705502735:RT=1705502735:S=ALNI_MahB3SY37ksCAMAwKC1UDRPwT_LiQ
.s21.lol/ Name: __gpi
Value: UID=00000a0802336fc4:T=1705502735:RT=1705502735:S=ALNI_MYexiPMecbDnHFVbDcPz_XuNNiAYw
.s21.lol/ Name: _ga_T5CKP06L0Y
Value: GS1.1.1705502733.1.0.1705502736.57.0.0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2B550B4690B3683404241F4F91AF69BF
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2B550B4690B3683404241F4F91AF69BF
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.s21.lol/ Name: _cb
Value: D3BJsKDQ7x6E_BzZE
.s21.lol/ Name: _chartbeat2
Value: .1705502736672.1705502736672.1.BpUaM1U_CoWDC9VtXCZ5MDkDJdJQe.1
.s21.lol/ Name: _cb_svref
Value: external
.id5-sync.com/ Name: id5
Value: afd58d56-871c-7480-9f39-37798d6224ff#1705502735878#2
.criteo.com/ Name: uid
Value: 91b365df-315a-4bb6-aafb-0089d1a60ff6
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: partitioned_bundle
Value: JpsbZl8yYlUxdHNNMzFCeXNPSkM3ZWR2UjlFMlR6Vkd6dGNIeFZzT2V3aUJ6QVNzMG9iTEF3JTJCdE53N2ZtQTdIYndKaXhzcFhrakU2N0ZsY3R1NExkV1c3U2hCUjE5JTJGaExqcXp1b3JaeFI2bDEwd05TeFdvNGp6NzdzM092c0RZNTdLTlhXNjlMMU0lMkJqM2N3QVZVZTZNam9zY0VrZFVWcFA4UTFjcmo2b3R3dTRBcEklM0Q
.s21.lol/ Name: cto_bundle
Value: O5tviF8yYlUxdHNNMzFCeXNPSkM3ZWR2UjlFMlR6Vkd6dGNIeFZzT2V3aUJ6QVNzMG9iTEF3JTJCdE53N2ZtQTdIYndKaXhzcFhrakU2N0ZsY3R1NExkV1c3U2hCUjE5JTJGaExqcXp1b3JaeFI2bDEwd05TeFdvNGp6NzdzM092c0RZNTdLTlh1eEJpdmNNRTNlTGphcUwyNnp4REVBJTNEJTNE
.s21.lol/ Name: _gat_pianoTracker
Value: 1
.openx.net/ Name: i
Value: c3914936-8db8-0010-3a61-1d9dac212657|1705502740
.3lift.com/ Name: tluid
Value: 225207143323068590931
.openx.net/ Name: pd
Value: v2|1705502740|vMbwgag2gKhEvPkWgyiK
.casalemedia.com/ Name: CMID
Value: ZafoFHJh0SIqlKG6IcEKLQAA
.casalemedia.com/ Name: CMPS
Value: 1692
.casalemedia.com/ Name: CMPRO
Value: 1692
.bidswitch.net/ Name: tuuid
Value: 1de3d188-5003-40b3-a1d5-bdd061ea67ba
.bidswitch.net/ Name: c
Value: 1705502740
.bidswitch.net/ Name: tuuid_lu
Value: 1705502740
.ads.pubmatic.com/ Name: KCCH
Value: YES
.openx.net/ Name: univ_id
Value: 537072971|1c95ae01-40fe-4041-9062-cd8934fc2a2e|1705502740310146
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2GTtdB`^%!]tbP6j2F-.aE*LBAgB^jF$dafQCX]e:[dek^KdNjG+1akQKyzP($R?/X+GY1Qw1aFg>rZ
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyMjUyMDcxNDMzMjMwNjg1OTA5MzEiLCJleHBpcmVzIjoiMjAyNC0wNC0xNlQxNDo0NTo0MFoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0xN1QxNDo0NTo0MFoifQ==
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZafoFAAPMivl1ABH
.yahoo.com/ Name: A3
Value: d=AQABBBTop2UCELa1lnK625iB0PoODihjD78FEgEBAQE5qWWxZdxH0iMA_eMAAA&S=AQAAApfiUal4TqSR7ZICoDZOgxY
.turn.com/ Name: uid
Value: 3722499249143144507
.rlcdn.com/ Name: rlas3
Value: cJHABzqZcZPQlSE/aAZ4djFARXWr8gDVlpSOQ4Z63Iw=
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A86775D2-3BBA-4AD4-84DC-BD63429E9315
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160037:2
.pubmatic.com/ Name: DPSync3
Value: 1705536000%3A248%7C1706054400%3A265%7C1706659200%3A201_263
.pubmatic.com/ Name: SyncRTB3
Value: 1706659200%3A54_240_266_21_22_166_3_8_249_46_220_13_250_234_55_264_71_165_231_5_233_104_178_48_176%7C1706745600%3A35%7C1706054400%3A15_223_2%7C1706313600%3A63
.adnxs.com/ Name: uuid2
Value: 280428771345290224
.rlcdn.com/ Name: pxrc
Value: CJTQn60GEgUI6AcQABIFCOhHEAA=
.sitescout.com/ Name: ssi
Value: b92e3ed3-a865-42c3-9964-12fe6e30fccc#1705502740490
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A5-mbzQXZEGJmAymhKa7n18
.quantserve.com/ Name: d
Value: EJwBCwH2KvijAA
.adnxs.com/ Name: XANDR_PANID
Value: -MX58uzbb-U3LJl45GRG8wkm-tjxDO_yo8vWwCFzUePCVl27ggSbpm1Bxmn6bAppSZu2gvm0yq6IRylNnUAUOAADC3jcnEF90fqnNqH0haw.
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTcwNTUwMjc0MDU4MSwiMzkiOjE3MDU1MDI3NDA1ODEsIjciOjE3MDU1MDI3NDA1ODF9
.simpli.fi/ Name: suid
Value: 2456B774863A43B2958C9759FEA5475C
.smartadserver.com/ Name: pid
Value: 4822173424027145722
.tapad.com/ Name: TapAd_TS
Value: 1705502740636
.tapad.com/ Name: TapAd_DID
Value: 1f74a0b1-7e94-4c5c-a840-0b41e167d946
.deepintent.com/ Name: CDIUSER
Value: di_d03348ea4fc94ec0a00b9
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240117%22%7D
.adform.net/ Name: C
Value: 1
.pippio.com/ Name: did
Value: JTATSV4k7QlvmuB7
.pippio.com/ Name: didts
Value: 1705502740
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CJTQn60GEgYIgr0rEAA=
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_15b9fd00-b547-11ee-8c9c-12fa6b58ae11
.adgrx.com/ Name: ADGRX_UID
Value: 15bb5b50-b547-11ee-a8a7-513fb37e1806
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553&KRTB&23418-b92e3ed3-a865-42c3-9964-12fe6e30fccc-65a7e814-5553
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z&KRTB&19420-EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z&KRTB&22979-EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z&KRTB&23462-EYyeSEKBzxkKiJxOFY7STEOKmhoKj88eHo5hMc5z
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPjeGY1oCaj-Q7teQTY-SJk&KRTB&23025-CAESEPjeGY1oCaj-Q7teQTY-SJk&KRTB&23386-CAESEPjeGY1oCaj-Q7teQTY-SJk
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2456B774863A43B2958C9759FEA5475C&KRTB&23486-uid:2456B774863A43B2958C9759FEA5475C&KRTB&23489-uid:2456B774863A43B2958C9759FEA5475C&KRTB&23539-uid:2456B774863A43B2958C9759FEA5475C
.adform.net/ Name: uid
Value: 4336018554955098065
.mxptint.net/ Name: mxpim
Value: R33646_10F6F5627_2EC37B79.1.000000000000000065A7E814
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc.AnM9UaLhDpZRNaLJzbg9kugLO1rAqpRBDFl9EdQdKCQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc.AnM9UaLhDpZRNaLJzbg9kugLO1rAqpRBDFl9EdQdKCQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4sFL9glzVMVgpwr4qouw3CaEdkg.RhRrQ5w3kuE3ZfjkABp0d4xflaBFmFJ%2FPWRkDihnhFs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4sFL9glzVMVgpwr4qouw3CaEdkg.RhRrQ5w3kuE3ZfjkABp0d4xflaBFmFJ%2FPWRkDihnhFs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN1OI74s8Z-kwMj_HOAbx6y1IT3566KermxgZTb_yZfpEHwYBCCU0J-tBjABOgQ7vvenQgR3OBfb.sevKdKOC5NfM%2FvNq0RxKL%2FQwXvjkOkKwBnERAdsCz9M
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN1OI74s8Z-kwMj_HOAbx6y1IT3566KermxgZTb_yZfpEHwYBCCU0J-tBjABOgQ7vvenQgR3OBfb.sevKdKOC5NfM%2FvNq0RxKL%2FQwXvjkOkKwBnERAdsCz9M
.ipredictive.com/ Name: cu
Value: 49c301ab-444e-46a5-99ca-981254395458|1705502740743
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3722499249143144507&KRTB&23150-3722499249143144507&KRTB&23527-3722499249143144507
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-280428771345290224&KRTB&23339-280428771345290224
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1c95ae01-40fe-4041-9062-cd8934fc2a2e&KRTB&22918-1c95ae01-40fe-4041-9062-cd8934fc2a2e&KRTB&22926-1c95ae01-40fe-4041-9062-cd8934fc2a2e&KRTB&23031-1c95ae01-40fe-4041-9062-cd8934fc2a2e
.w55c.net/ Name: wfivefivec
Value: Y4hkYc3S1Rq7aI5
.dotomi.com/ Name: DotomiTest
Value: 26a6cda8e160124e
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCKib8Z-g3cs8EAUSFwoIcHVibWF0aWMSCwjIqrOioN3LPBAFEhYKB3J1Ymljb24SCwjkjamkoN3LPBAFGAEgAigCMgsIyKC2z7bdyzwQBTgBWghwdWJtYXRpY2AC
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_10F6F5627_2EC37B79&KRTB&23092-R33646_10F6F5627_2EC37B79
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-4sFL9glzVMVgpwr4qouw3CaEdkg&KRTB&23334-4sFL9glzVMVgpwr4qouw3CaEdkg&KRTB&23417-4sFL9glzVMVgpwr4qouw3CaEdkg&KRTB&23426-4sFL9glzVMVgpwr4qouw3CaEdkg
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-49c301ab-444e-46a5-99ca-981254395458&KRTB&23011-49c301ab-444e-46a5-99ca-981254395458&KRTB&23355-49c301ab-444e-46a5-99ca-981254395458
.pswec.com/ Name: tuuid
Value: db2caf27-d121-40fd-b5cd-cfe91988f726
.pswec.com/ Name: c
Value: 1705502740
.pswec.com/ Name: tuuid_lu
Value: 1705502740
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-41692910-2d4d-4b79-9a49-4a5f450a4f42&KRTB&23340-41692910-2d4d-4b79-9a49-4a5f450a4f42&KRTB&23498-41692910-2d4d-4b79-9a49-4a5f450a4f42
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!422
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: SPugT
Value: 1705502740
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-15bb5b50-b547-11ee-a8a7-513fb37e1806&KRTB&23275-15bb5b50-b547-11ee-a8a7-513fb37e1806
.bidr.io/ Name: bitoIsSecure
Value: ok
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 77844243-349f-4afb-a64e-a182b08a48cc
beacon.lynx.cognitivlabs.com/ Name: ss
Value: r%2F6DpcIigoQ4hbLa7%2FUH1KTqpHQUGSTdGvfPdyebHyfd8sEUuQX%2FI%2B9mvWd7zqAUR3%2BMiw6NVFxvLJiTTn%2F5Vg%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:Y4hkYc3S1Rq7aI5&KRTB&23421-uid:Y4hkYc3S1Rq7aI5
.bidr.io/ Name: bito
Value: AAEUJU7LT9AAABLZ13GuhQ
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAFsVl1NnQV8AN4WsepAAAAAAA&KRTB&22713-AAAFsVl1NnQV8AN4WsepAAAAAAA&KRTB&22715-AAAFsVl1NnQV8AN4WsepAAAAAAA&KRTB&23519-AAAFsVl1NnQV8AN4WsepAAAAAAA
.tribalfusion.com/ Name: ANON_ID
Value: a4ntuJSZdIijSTnMSXONpbgSZa7YEG3kUsV2dXbCwWv61TFk1FuLQFESnRvBI4P010bB6lh5GhlF2p7tZbaGlfGtWBW
.adx.opera.com/ Name: UID
Value: OPU21cc52f003df4f959f7c44e479506b6b
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTMwMDUyNwFyhfgMdc1NE40LjMyrTMsNjQGs9hmOJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTMwMDUyNwFyhfgMdc1NE40LjMyrTMsNjQGs9hmOJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBqamBkbmJgaWQGAE0oA74QAAAA
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.creativecdn.com/ Name: u
Value: nWlPw4J2S7fJ4F90WSU3
.creativecdn.com/ Name: g
Value: nWlPw4J2S7fJ4F90WSU3_1705502740911
.creativecdn.com/ Name: ts
Value: 1705502740
.csync.loopme.me/ Name: viewer_token
Value: fd25128b-4773-47c6-b0c8-e903eccbadff
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-1de3d188-5003-40b3-a1d5-bdd061ea67ba
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU21cc52f003df4f959f7c44e479506b6b&KRTB&23485-OPU21cc52f003df4f959f7c44e479506b6b&KRTB&23524-OPU21cc52f003df4f959f7c44e479506b6b
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1791377156005274791
.pubmatic.com/ Name: PugT
Value: 1705502739
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~2g8e:18z8~2g8e:18vk~2g8e:19e0~2g8e"
.rezync.com/ Name: zync-uuid
Value: 68c1c10d-9882-42f8-b979-b7bc5b638b6c:1705502741.02463
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiNjhjMWMxMGQtOTg4Mi00MmY4LWI5NzktYjdiYzViNjM4YjZjOjE3MDU1MDI3NDEuMDI0NjMifQ.ZafoFQ.rr2wFRPsCY4iqp_d9yn-nUSbtiE
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGHmEQVRzi0CaS5Bv7H1ouoxdnNVF8ci150u/9I50tmKr4DCKW1hL0bV0su366OqKiU1pIqb0b7diYbB5SW5XQ3YcocLEkE7lXQD5U7tEfUTQ==

6 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/203988873637408?v=2.9.140&r=stable&domain=admin.s21.lol(Line 137)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=91b365df-315a-4bb6-aafb-0089d1a60ff6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A86775D2-3BBA-4AD4-84DC-BD63429E9315&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://admin.s21.lol/
Message:
The resource https://admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/tiempos--normal--600.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://admin.s21.lol/
Message:
The resource https://admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/solido--normal--400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://admin.s21.lol/
Message:
The resource https://admin.s21.lol/wp-content/themes/foreign-policy-2017/public/fonts/tiempos--normal--400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
addkt-d.openx.net
admin.s21.lol
ads.pubmatic.com
ajax.googleapis.com
ak.sail-horizon.com
analytics.google.com
analytics.twitter.com
ap.lijit.com
api.btloader.com
api.sail-personalize.com
api.sail-track.com
api2.amplitude.com
ats.rlcdn.com
bat.bing.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btloader.com
buy.tinypass.com
c.4dex.io
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2.piano.io
c7672eb9c8b7156a3558b9d89017dacd.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn.amplitude.com
cdn.confiant-integrations.net
cdn.cxense.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.tinypass.com
ce.lijit.com
client.aps.amazon-adsystem.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
config.aps.amazon-adsystem.com
connect.facebook.net
creativecdn.com
csync.loopme.me
d.turn.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events.newsroom.bi
experiences.mrf.io
fastlane.rubiconproject.com
floors.lngtd.com
fonts.gstatic.com
foreignpolicy.com
geo.privacymanager.io
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id.rlcdn.com
id.tinypass.com
id5-sync.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
it.lngtd.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
live.rezync.com
lngtd.com
longitudeads-com.videoplayerhub.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.lngtdv.com
s.tribalfusion.com
script.4dex.io
sdk.mrf.io
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
srv-2024-01-17-14.pixel.parsely.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
stats-collector.cxense.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
t.clarity.ms
t.co
t.pswec.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.clarity.ms
www.facebook.com
www.foreignpolicy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.npttech.com
x.bidswitch.net
ad.mrtnsvr.com
rp.liadm.com
104.18.36.155
104.18.38.76
104.244.42.131
104.244.42.133
104.36.115.111
104.36.115.113
107.178.254.65
108.138.106.17
108.138.126.121
13.107.42.14
13.225.63.113
13.32.151.21
13.35.93.37
130.211.23.194
141.11.184.118
142.250.65.162
142.250.65.230
145.40.89.32
146.75.28.157
147.75.195.77
151.101.66.49
162.19.138.119
162.19.138.82
162.248.18.34
169.197.150.7
173.231.178.82
18.164.101.60
18.164.115.222
18.164.116.18
18.164.96.92
18.173.132.10
18.238.64.130
185.167.164.39
185.184.8.90
192.0.76.3
198.148.27.131
199.38.167.130
20.110.205.119
20.114.189.70
2001:4860:4802:32::181
2001:4860:4802:36::15
207.198.113.93
23.105.12.120
23.40.179.147
23.56.162.249
23.56.163.106
23.56.163.14
23.7.29.146
23.83.76.69
2600:141b:1c00:1296::268b
2600:141b:1c00:8::1728:b316
2600:1f18:4e9:5a02:bfa:a46e:1266:8631
2600:1f18:730:b120:d04c:f745:6075:4698
2600:9000:21dd:8200:6:44e3:f8c0:93a1
2600:9000:247b:9200:6:eea:300:93a1
2600:9000:24f1:dc00:18:1fcd:353:c61
2600:9000:2510:4200:1b:6b7d:2300:93a1
2600:9000:2512:b200:1a:5235:f980:93a1
2602:803:c002:200::43
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:3556
2606:4700:10::6816:4ad8
2606:4700:20::681a:346
2606:4700:20::681a:8a9
2606:4700:20::681a:b61
2606:4700:20::ac43:4acf
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:22b2
2606:4700:4400::6812:2b5a
2606:4700::6810:3865
2606:4700::6811:c376
2606:4700::6812:19ad
2606:4700::6812:b07e
2606:4700::6812:eff8
2606:4700:e2::ac40:8e06
2606:ae80:1450:15::1690
2607:f8b0:4004:c08::9c
2607:f8b0:4006:806::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2004
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:bdf::40
2620:1ec:c11::200
2a02:6ea0:c400::11
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::485
3.220.30.119
34.111.113.62
34.171.234.26
34.200.65.202
34.225.182.250
34.231.207.29
34.98.64.218
35.169.211.189
35.186.253.211
35.211.156.215
35.211.178.172
35.214.182.194
35.241.34.106
35.244.154.8
35.244.193.51
35.71.131.137
35.71.139.29
38.98.69.175
40.76.134.238
44.205.136.188
44.228.12.48
50.16.139.245
52.202.239.95
52.4.159.125
52.46.128.147
52.6.152.202
52.95.125.22
54.156.118.43
54.157.70.26
54.160.64.36
54.204.112.220
54.211.17.237
54.230.163.113
54.85.14.136
57.128.96.93
63.251.86.49
63.251.86.50
68.67.181.211
69.173.151.100
74.119.119.139
74.119.119.150
75.2.104.6
8.28.7.83
82.145.213.8
86.109.7.56
99.83.154.140
012d62c360534f50cc3148d29cdf1ab4b55212cd0d0583a3f9f2bc3ec9019a43
015fc14006f7ce1bc79c386725d85dd7760451accc3acbeab467c4b11a9df376
016cfe0b96956c2f101343dfb7500aaa91c4f9eea53995d9fe74db811c010616
053168598b145ef6114725fc34fe54ce5cb52dbcafd76465b4d8a502cb0328f1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0542456f28811bc742ee71f89d9aef640739063297d1225d092747a6f767b023
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070d8bd670eea1ef341be85c1de1348bfefee770ce6de3df577195093e544158
0776fc3e3b47bfb421e93599468a9766d463fa4230ff58c76c969199a868fa17
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0862f105373ec9f6beb9ae3f81535bfbf6e1023512d4c45300eec20c590c4df8
0a40af3b37ba570afcfc94250d1d57c00ab6f3c3f08392fb81419373c816595c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c39b79ed16ea6aa0dd67bd85368939e29a863ed2e4e69416c909d6cd06aa907
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0dc566693de1d9f39776b6abc1bfa426799c28cb7974f060c8a9990fe59df770
0e85a89f47860723c3d4adc04aef900d2bf3824b0129c6d60dab71fed4e34486
0e96a1c30dd645b125c564aad91f840765985337f9fbd2dde546d5c8b9a92315
0f08820faf0bbdb2934b64faa0df1a5b8c27e6427fc4e395969833fbd30d174c
1195f3b68c565f30b8910b01eafeb992ee27c2dbd3c0b45b77ee935b625193f1
11ac8bc0a507efbfd27f00b1b0af3aa659f7972ae631668b458d2a562d197c68
1321e4d20e234b4f74dabc0fae656a3d0520ba4acd7b1aec3f62be3b5a4780dd
14a4190eafa53f3e66df6e2c63b6e1243a217e9ee69040dc49087e79610573fe
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a134cbceab3573c55270f8d8997f506cb707f7fd8b3e3e568d0c6cb0f5acfc2
1a76550a9831e5198c6810bdf9caf89bbc491314ae22560513e6a18539497976
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d00dc2ff117d931e9690b87a87276cbdc863859fa76973808ffa73d4d5b41a0
1fc1a32502f4c87ae87449036864c81b1ca19ebe5c87a92774bd60e0ba723cd4
1ff49b12e5dd1a990f31c524f130094ac027c7481bc78c65860977a3ad24d491
201fe79ea95392b63726ff87a1e14e14c2580cd488c89ff015922cd715e1b0ae
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20d5ab261902c043ec4b5b8c14aab3219ffbf3a5e766f6b4cd83aa17148813d4
2389c843382df9a001cee3bc094455c53ed100d8449af0bbbcab6ce3a405150e
253105795d9d1def127bc5d640c9a32b7fdcfe5b2cc06e0be85758b2b53aa2b4
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27dae83409f3ca9f6ef0d9dcb8370bda9c97a4eab0f3b415ea1fd0dee66d0d8d
287abf45ebdb5831778ac29c569a55209b21e030cf7f6f88a3c4ad6ebbcc8f92
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a259b7cb4e3fbffac29d34bb6af866381457febbd7924f959cee36b12765dd4
2b70d5f158ad9fb8db0a1c335114075558d819212c80ce6d0aca87c348afb174
2ba4c4a12ce8d0abe1d849b8f20dd63f1c413fcb27f3c8d9997a26564af01ced
2bb3ba317e4f76df96fe27e65149bc7472ab3cd0cf174207c10aa78d0df54c0a
2bc5001233bfc0825f3a20f540474fc40b65a56e5547036c46daf990cb976618
3120a9c9c6cc4d3c9571fe00caff9ccd24dc18f99e358f4caa5e95f2a5fb85ba
31bc313b5f21822d904f4f8a2a528cfe156a9b23c1060425768da5ae074e1690
33fc0fe6c953f5e84b16688858d420b312a8fa18d8ae6f77913c729ff33d0870
34d0171f9f78d955a2d9d1b997376643a9f218864a0182c038744a260e62fae2
35473429b36d73f9f16075b1d473f0b4c896bdbe53997ddc36619f6461c2f8d7
35f8d695985428d80ccaa92f864243c4437aecba281cba3a286cf65719a9d9fd
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a918543c7cc15b4c74eee1a5f63adf0387cec5c683e2b1b405db50669ea8c6
38442c178fabacc21fa1208e93a8a2250b66152a74bfc64e82a56fa3d17a3a6c
3abbf3e01fec2b1b07784f58b57cc6292da397e5e639b1f0bd16adf00a910f60
3c131dfbe012cfd5e10cfab3513560d389f150a2949b56b4e44d3a74e240f0c8
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3d3bb97e6c62f812024a34fcfa8bcd89e8b4bc63f9e676a96a3e950a40b98c4f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e451555f27e9c0515d1022fe4106b4985903ac23a865a5cd27cc1cd884111cf
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d0b43097d2e91cdd15c337dee519cd5076233fde28994d53e2d27171bbfd1c
4312d8893b200e857cf41bd7ab005a7bab22f08d1dd2fc9bdc0b7394bd722bac
4320d39d1f102e220b19cbb1a2922f9d2955e7330e4d16028637d9fbfbe851b5
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
437c57640654b8bcac8fb9a9547ef5629ea30ce8b20ef5e1d2270ea82106c60e
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fd5badf2be95377338a9c9c546e35ac63c89afd5d7901db475c2e5b10383f4
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
465f1cf60cab9ad13882c020118163dedbf3f5b731e0e9b0dee3c7082bca0545
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47c096d7a64bd8551983f88b8ba947c5561436d660a6da8caca20a86e9a140d4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4904a185b0ed2f84453902fc666932957ce4bbd3253311c4dd68b31a98042ca3
4a00a7cc84ded60447d21ee0b01cb3892bee68a623b3bef49d368b737852fb1f
4ad4e3bab4039addd3237c9e6c56b73d93819589aea0f7eaf248a89cf36322c0
4b443a3a5e102a75314535d9d0377f262d1c87700ac0b5fccf5ddcaf27d3fca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4d3a609f74c4fa47b7159c3e011b8312462557c5d4c477cd8d9475812da32254
4dc1d2f29313ebd7402ddf0235bb01e763a7ba37f8cb8c1bc89cad7b7641d12b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5017f1aa960a09da1d30dd2258b7a6c134317bbc9b1fd9a4929caf7f3aa5ea92
52468c1e4b5f33e1a3f9efebce3ffc189eacd7eb07c099288852094ba32a2689
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
53ed08ab5ff51b7d1859784999022c1fa15550368f34c941b0a6c06ba898ccf4
540eea0d79e32f705ec544f48b9d9e3e6a7877961d4b9cc763677003751b9fb0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e46116ebab6613e95042e11ecc8fe036bcb0a4e641e58cd1af7cecdcf4276d1
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ee1f034c140fc8a84e6b2f0ad74d217147d258d4b0f4d04d805232c81bd160
62199c755872c6357ad3e83df67427de0aeac1bec63741b36b2a8968df6d0c91
647d064c62215de0fe962b7f26088a919aa1e4ecaf4f890e95f0fa528ea73bb2
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6824bac46086a386c8abb74304f674ad45f0dbfd0b2c97e49f4b1d04942662b8
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6a276680883e2d298107dd8bf6e925be6b274caa036d213850adcf6b41606b21
6a5b862320b5dcd29d3612ef50c8b93a96186f11d434f749e32abd2d83b87ee5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca8965a4a9c691d4bf031ea97684f63b0e45bbaaa64887b248e9ffc800b5bcd
6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8
6f09bbc53d8c4e7ddcc4d35f40708df24067c45f5162e706b14f638700bb51d0
70dc6ac959964df12f8f73d18df8631e8aefa71c0648b321103cc4a3777f6321
713f511fa78bacaf5b56ed62bd685d4da42bd60a5967089dd43b782e911936c7
73a157ba2b922e5a6721b1b5bb9f0f1a9fe8dc27371bc6adc99b266a673b28e5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76c9d6b03da634dc0afd4d24211479bc5347b777fd7f7e1b71d884a26fb64f23
7704dbc9fa23136af5c961006029ad700a35789183f7ae765bd499525ae0fbc1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78d4e7687f6f9432a385cd64ab89023eed8194b77ed840389c28385358bc958c
791b086445dad97bbe5d626ade65bfd45c2ef1c218a47ef18d341f254544e7f4
7ad3c5b45741ca076a35027665ccea7b708f57b1a4b528c9fdf73e1801984bf4
7b6e05aff304fdcc50470be44dc27103721573d43cb4626ae1872e0fe11d8986
7bf60b6a71cf6ec67c5a9772b02fc160aae7b050b7351519ef877b6662171f5a
7cd7963e193505ea4ae4eb95290be92385092d41c48892324cb81f891c01cfa7
7f5f0eed87205e880e30eb49e66a8e74ec330a6966b0f66a9210f49d872aebf4
7f84824de02b0889bddb0e115ff6f3bd2e3a4b673594a75826f6c93d19d2cb64
81c9726bbfd3befdb7dcf5b865de0d0039fcea001000e08b32d7e402f4792a62
81e0700e5f2e456c4363a0ef5354a27c791164f5b7083b4e10b966934e6e71d4
8255126c6cfa5949f900920d1da34af4a6b44cbffa700777b64526eb95d3933a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
86eef6900e733c6793c90e7219cef80dbf187d2108e4f45f6732a9812dadcb5d
890531a55c73529e845df7cc49af6d29c4e778e21c9dcb8baa4c55aa5735b353
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a8fcae0d50cc5c2f82844038bde53f5593448db2c64fec928a62c0393dbcebc
8b836795c877fc7c6d95234b07a93ad5130f597bdba01b354e3e2f95b78a94cd
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
8f46dd6edf25ddabbbab99485f927e64dff29fd0d52a1ee6c2895466e7099762
90a4e634fae457b5b5a5a44bd88844186df3cb9593937c80465733e09a266e59
925d7ce9e261c865c9de12379ce2232b8f7ffbfabfa86574702030d7bedaed2e
9480246304b0b1b9ba76778d9fc56a17a1e8f1f8d4e1220b155deb20893ccd6d
948e14a13e5a54e2ecafb160ca62dedc70ed36bf21befaa0a389b101ecfc1911
94c2225b0f89c5c6f22d215e7be3998516a4ab250c9b5e1b8fd57ebe0c4b44fe
95089cd0c63fbc0cc2d94c0263a46892efac44562ead9b6748aee732ccc2a941
95248706ce41c107d1f0788863f0d36476a80a317b705ec54397f1688475894d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c988c761148b7a1fd047037288ab38277347275a6d67f250d0fd4347875d4c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2e29dc2a0e734f6e148884a2ebe64d54fac90c4787d371fa721c07083bf7a0
9ae9dc6f44bf3313d3c2b5e6ddd84e8e93a9696cf839e57ed11c6995862e1961
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
9bd7eae3e19f7ea074d71fc3458ea4e14aabb48b66d960286bdd40196c95632f
9dcc0c0a0bd25c2e024a7ad0d14729d364f9a444e3f865768e36880945f4604a
9dce58f0f3e3aed76124d0a7a87f6da517b1060b068cc87b6662332c6f4e673b
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a00ba2ac3c436cd3bf79893b7b3ceed4c43dba0645eff6bd4bacde23aa58d57e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a2cfe845ea897bbb976dd07743e666dd93000bc84e854bc3064429d4b4c6ed23
a2d467f355b64a47bf2ff9939d2111a961d4a6d591c977bece7e75bdf0c7c186
a51a3ffe536766f5ae04f7fbd31fc1a9d5ec1f8125e98823fa24721208cfeb9f
a9e9c016ded4fe1a26b448429937822a4afad1c8f53d7348eb9bee852dea5877
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21
abb420698455ab8212d58f448a6a652770e6ab6780934783a037404321150bc4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b363dd8dfc87c836dadde3420fed74e6ef3391c688247814668a5ad1b82e8418
b36b8e55e03b371fe0ab49d3988f280afa0f66067e013ff98ce76750c96f70d1
b41f1abd72d3d572a2369eb4fe60701587c8322b977c2ab1168977085fe9f37e
b4b2b5830641102def6d241a461fef33d7a0c8ddb4debc6ecd45d3ff5ec97a54
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b5dbe11ff15ed0b7bad65f9a3b601cbd79edde3ceea704784503b78ecdfaba0c
b70e8bc8bed5c54cb33271828fc71d008c98b6ee44a2cf47269b13e9124bbae8
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
bafdddb05dac501f57ec8fff6a8bc8bb98712d6500cc5f5063caad85ee6076d9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdea8f714ea4a0b1937ec0c5cb23498f5441af8a619fb385db7e38e581fe6dcb
be22e32b0d0ee875b62a7ebe3e347bb8c8f3c793aac7cb7bc5f941bd04c15433
c20b8f39d0c0d0a73cd0d0f5b29b07c8d992df61c86dca3555efd9485544da46
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4d262b4d7e621b3a35a03ce0af41a9e129fd5667b8a0ff214ef094baa73c7e7
ca2aff9c6f85931e52a6397a6cb56ab02019f5ca20bcaac9789e8ebe32df1f80
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc1e70a15ead0db3f0e702ff021a0c75acb548b80a69eb2b9ade7e80eefd6458
cd5fbe23fecd5281f2450fde2cf6f69c715b68d1dd69f907066315e3ecfbc9f6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1197f0248eeadf9023585c4481e30c2802220f7f584da2ab2db7242407e8991
d151224cd7b00d5d33ca0bc892d7dfddb73b1c0f44ca903beec3de617d8b19ce
d2117e2a9c8332879a99eebf710b0d98892c19e5ecf84e21f809325982f8f318
d279a8f3340240ea270cd06bf0a845a4e83671a924833fb7cdb7f9d115d8860d
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d36cf570a5676b99c7e67e3b4d0dfa5f0f317a8061cb4dfba9c93638296e7058
d901f5bb9f2eb6b8a22f16c264d7d5fae0537b28f4fdf7455c3342213ea98e77
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9ac8b331119a4bbbbc5f039dab4626d02b0494d00b9d337b33c139176d622ee
dc6dacff9a56a6947dcf1eea394b6bbb7c4da52d6febaa470487a37450c41fe6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6e28a699826bd6e475986eb70e24390c84c8a279a1d4a246462141c8743dce
dea66266dc936e979021869d3755ba6c9cb645fac40d529413959b8ec96d34c8
e0c0e43475e22c3cbd577eb75358ec925d8070671a6a699d472c9c01387693d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e429813cba2300e439fff875afb5d9631f03730fe595303522788725bee37d81
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0
e742fbb9f957842081e160cc5feebe39b4f2b276aeb963bf58a15a1f34965ecc
e7a65d77f9b47d84d33b12bd57b84b32edecc0068fc1340249dc1b3f57c63325
e7ace1bcb75bce2ca3c6cf1b90d369cc45457485b54bb0793552c481d8acb61a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9542a010a486394e6574f1e038aad53e3dd466fc3ff4c4d0c1491141e9282cd
eb67f52179b58500e52dfbb683f96f21020eb32b6854075ed1d9a4136b16cb90
ebde59b20fa4a976c52458a050d179d57a19a2b988c9b51c8ffa77c0724f2a58
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed1ede8aa11278c6bd4ac6113dd4970739d89e7a657b317680ad865d14709bec
edb664793580b9457d1b5a905e99e394836ec53f1092b24d0aef4328b4d6b97c
edfe2a20da16edefda1bae58e448d83ec297cee6c953677601dae335deb02fac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef92675fbf09a157c46e086902cfc9e0e9920b048399e98eb1c04046722e0f2c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5e74787b4b077fea39c89df5a529ba9e93ba3c9d364549fa5b6d1a870566217
f635cc11075c6c748d78bf5ff56f84c94229a01a3224368a674a25ea0c98aa4f
f67673dc2021a2da452b195f4e384f515dc2e05df9dd66048e821b6544cba173
f69d146e46487203d760f9ef3f5e28594753338c080a281b938931dc64f3b137
fb3510049e9bcf7a2d2d76aa473bbb4f3ab8e277b840b78c25ed5cfac74d0e6d
fbd3a61300e171c3faf306c6df2d438e171ea0c407c977fdb71c8323d251fc16
fe8eab4dab1330d699ba66b0ea2c4944d33a90b4910e6720941d99b3edb0121c
ff8fd040fb7c5385289f2449955ceb2e1a537f1f19124cc47279f932e03d66f0