urlscan.io logo urlscan.io
SecurityTrails logo

arsiv.mackolik.com Open in urlscan Pro
195.244.32.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mackolik.us/
Effective URL: http://arsiv.mackolik.com/Default.aspx
Submission: On May 05 via manual from TR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 14 countries across 87 domains to perform 471 HTTP transactions. The main IP is 195.244.32.71, located in Izmir, Turkey and belongs to NETDIREKT-AS, TR. The main domain is arsiv.mackolik.com.
This is the only time arsiv.mackolik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.19.248.132 60819 (SAFENAMES-AS)
1 1 185.42.236.147 199710 (PERFORM-AS)
1 1 2.16.186.91 20940 (AKAMAI-ASN1)
2 195.244.32.71 43391 (NETDIREKT-AS)
2 2a00:1450:400... 15169 (GOOGLE)
93 116.202.218.103 24940 (HETZNER-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 23.45.99.241 16625 (AKAMAI-AS)
16 195.244.38.50 43391 (NETDIREKT-AS)
3 6 79.137.69.120 16276 (OVH)
1 13.224.111.48 16509 (AMAZON-02)
1 3 13.224.111.129 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
16 142.250.185.226 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 51.195.89.103 16276 (OVH)
2 79.137.69.91 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.159 16625 (AKAMAI-AS)
1 89.187.169.15 60068 (CDN77 (^_^)/)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 65.9.66.9 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
1 13.224.111.23 16509 (AMAZON-02)
32 64 2606:4700:20:... 13335 (CLOUDFLAR...)
1 54.229.148.178 16509 (AMAZON-02)
2 37.157.2.234 198622 (ADFORM)
5 11 216.52.2.48 30282 (AS-INAPCD...)
2 178.250.2.131 44788 (ASN-CRITE...)
6 37.252.172.250 29990 (ASN-APPNEX)
1 17 34.98.64.218 15169 (GOOGLE)
2 213.19.162.31 26667 (RUBICONPR...)
2 185.86.137.32 201081 (SMARTADSE...)
3 12 188.42.196.115 7979 (SERVERS-COM)
1 13.224.111.125 16509 (AMAZON-02)
1 65.9.84.39 16509 (AMAZON-02)
2 104.244.42.136 13414 (TWITTER)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 151.101.113.108 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 104.111.230.142 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 68.232.35.16 15133 (EDGECAST)
9 13 3.121.66.166 16509 (AMAZON-02)
2 2 18.185.0.221 16509 (AMAZON-02)
2 2 193.232.148.153 48061 (UMA-TECH-AS)
8 8 31.172.81.172 44066 (DE-FIRSTC...)
5 5 31.172.81.160 44066 (DE-FIRSTC...)
1 5.254.23.213 3223 (VOXILITY)
2 69.173.144.139 26667 (RUBICONPR...)
3 10 76.223.111.131 16509 (AMAZON-02)
5 5 185.29.133.58 30419 (MEDIAMATH...)
19 72.251.249.13 29791 (VOXEL-DOT...)
2 2 34.197.48.164 14618 (AMAZON-AES)
3 3 2620:116:800d... 16509 (AMAZON-02)
2 2 18.159.8.206 16509 (AMAZON-02)
10 18 142.250.185.194 15169 (GOOGLE)
2 4 159.253.128.183 36351 (SOFTLAYER)
2 4 37.252.173.62 29990 (ASN-APPNEX)
2 2 66.155.71.150 13768 (COGECO-PEER1)
8 8 185.184.8.30 204995 (RTB-HOUSE...)
9 11 213.19.147.45 3356 (LEVEL3)
4 4 198.148.27.140 19189 (PULSEPOINT)
2 5 52.210.44.111 16509 (AMAZON-02)
2 8.43.72.97 26667 (RUBICONPR...)
2 4 52.95.123.167 16509 (AMAZON-02)
4 4 193.0.160.128 54312 (ROCKETFUEL)
2 26 52.48.175.241 16509 (AMAZON-02)
12 2.18.233.180 16625 (AKAMAI-AS)
1 1 2001:678:cb4:... 56396 (TURN)
3 3 37.157.6.246 198622 (ADFORM)
1 1 146.0.227.110 20773 (GODADDY)
1 185.64.190.78 62713 (AS-PUBMATIC)
7 9 70.42.32.159 13789 (INTERNAP-...)
2 2 35.156.106.231 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
2 52.44.53.247 14618 (AMAZON-AES)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 52.1.224.136 14618 (AMAZON-AES)
2 193.122.128.135 31898 (ORACLE-BM...)
2 169.197.150.7 398989 (DEEPINTENT)
4 4 52.57.228.122 16509 (AMAZON-02)
4 4 151.101.114.49 54113 (FASTLY)
2 18.195.155.181 16509 (AMAZON-02)
2 2 202.241.208.56 4694 (IDCF IDC ...)
4 5 69.173.144.165 26667 (RUBICONPR...)
3 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (TURN)
1 2 35.227.252.103 15169 (GOOGLE)
2 2 18.193.131.224 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 89.108.120.68 197695 (AS-REG)
1 3 2a02:6b8::90 13238 (YANDEX)
1 1 23.37.42.132 16625 (AKAMAI-AS)
1 2 78.46.100.125 24940 (HETZNER-AS)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 88.99.242.108 24940 (HETZNER-AS)
1 51.89.9.251 16276 (OVH)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 82.145.213.8 39832 (NO-OPERA)
471 91
1    217.19.248.132 (Milton Keynes, United Kingdom)

ASN60819 (SAFENAMES-AS, GB)
PTR: redirect.idp365.net
mackolik.us
1    185.42.236.147 (United Kingdom)

ASN199710 (PERFORM-AS, GB)
mackolik.com
1    2.16.186.91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-91.deploy.static.akamaitechnologies.com
www.mackolik.com
2    195.244.32.71 (Izmir, Turkey)

ASN43391 (NETDIREKT-AS, TR)
arsiv.mackolik.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
93    116.202.218.103 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nvm-s5.cubecdn.net
cm.cdn.md
im.cdn.md
hm.cdn.md
4    2606:4700:3030::6815:5a95 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.eksiup.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
16    195.244.38.50 (Izmir, Turkey)

ASN43391 (NETDIREKT-AS, TR)
run.admost.com
go.admost.com
6    79.137.69.120 (France)

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl
tr.hit.gemius.pl
1    13.224.111.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-48.mad50.r.cloudfront.net
b.scorecardresearch.com
3    13.224.111.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-129.mad50.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    51.195.89.103 (France)

ASN16276 (OVH, FR)
PTR: ns3183877.ip-51-195-89.eu
js.duhnet.tv
2    79.137.69.91 (France)

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl
str.hit.gemius.pl
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1a951e109e69191f710f7cfd579a753a.safeframe.googlesyndication.com
cdn.ampproject.org
9    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
daznplayervod.daznservices.com
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2.18.232.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-159.deploy.static.akamaitechnologies.com
images.performgroup.com
1    89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-15.cdn77.com
admost-banner.b-cdn.net
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a5007bfe6c4fdb9e8afd529eafa94ee4.safeframe.googlesyndication.com
10    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
36    65.9.66.9 (United States)

ASN16509 (AMAZON-02, US)
randiul.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
cdn.dimml.io
1    13.224.111.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-23.mad50.r.cloudfront.net
static.hotjar.com
64    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
1    54.229.148.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-148-178.eu-west-1.compute.amazonaws.com
baltar.dimml.io
2    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
11    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
6    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
17    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpone-d.openx.net
eu-u.openx.net
us-u.openx.net
2    213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
12    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    13.224.111.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-125.mad50.r.cloudfront.net
script.hotjar.com
1    65.9.84.39 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
6    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
8    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ec-ns.sascdn.com
13    3.121.66.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    18.185.0.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
2    193.232.148.153 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
px.adhigh.net
8    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
5    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
sync3.sniperlog.ru
1    5.254.23.213 (Frankfurt am Main, Germany)

ASN3223 (VOXILITY, GB)
cache.betweendigital.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
10    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
data.adsrvr.org
match.adsrvr.org
5    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
19    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    34.197.48.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
3    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    18.159.8.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
18    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
4    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
8    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
11    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    52.210.44.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    52.95.123.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
26    52.48.175.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
12    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
3    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
b1sync.zemanta.com
2    35.156.106.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
2    52.44.53.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    52.1.224.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    52.57.228.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
2    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    18.193.131.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    78.46.100.125 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de
sync.1dmp.io
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
1    88.99.242.108 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: a02.smtp.rees46.com
api.rees46.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
93 cdn.md
cm.cdn.md
im.cdn.md
hm.cdn.md
614 KB
64 adpone.com
hb.adpone.com
3 MB
36 randiul.com
randiul.com
353 KB
36 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
317 KB
30 lijit.com
ap.lijit.com
ce.lijit.com
48 KB
26 gumgum.com
rtb.gumgum.com
8 KB
21 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
37 KB
21 googlesyndication.com
1a951e109e69191f710f7cfd579a753a.safeframe.googlesyndication.com
tpc.googlesyndication.com
a5007bfe6c4fdb9e8afd529eafa94ee4.safeframe.googlesyndication.com
pagead2.googlesyndication.com
109 KB
19 openx.net
adpone-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
5 KB
16 admost.com
run.admost.com
go.admost.com
19 KB
13 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
106 KB
13 bidswitch.net
x.bidswitch.net
4 KB
13 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
5 KB
12 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
41 KB
10 adsrvr.org
data.adsrvr.org
match.adsrvr.org
3 KB
8 1rx.io
sync.1rx.io
3 KB
8 creativecdn.com
creativecdn.com
3 KB
8 bumlam.com
sync.bumlam.com
5 KB
8 sascdn.com
ec-ns.sascdn.com
28 KB
8 gemius.pl
tr.hit.gemius.pl
str.hit.gemius.pl
32 KB
7 outbrain.com
sync.outbrain.com
2 KB
6 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
4 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
150 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 adform.net
adx.adform.net
c1.adform.net
2 KB
5 ampproject.org
cdn.ampproject.org
108 KB
5 google.com
adservice.google.com
www.google.com
682 B
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 360yield.com
ad.360yield.com
1 KB
4 rfihub.com
p.rfihub.com
3 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
948 B
4 contextweb.com
bh.contextweb.com
2 KB
4 simpli.fi
um.simpli.fi
1 KB
4 adsniper.ru
sync3.adsniper.ru
2 KB
4 criteo.net
static.criteo.net
103 KB
4 smartadserver.com
prg.smartadserver.com
csync.smartadserver.com
3 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
580 B
4 dimml.io
cdn.dimml.io
baltar.dimml.io
9 KB
4 facebook.com
www.facebook.com
144 KB
4 google-analytics.com
www.google-analytics.com
38 KB
4 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
5 KB
4 eksiup.com
cdn.eksiup.com
12 KB
4 googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
485 KB
4 mackolik.com
mackolik.com
www.mackolik.com
arsiv.mackolik.com
23 KB
3 yandex.ru
an.yandex.ru
913 B
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
61 KB
3 googletagservices.com
www.googletagservices.com
98 KB
3 google.dk
adservice.google.dk
1 KB
2 tns-counter.ru
www.tns-counter.ru
706 B
2 1dmp.io
sync.1dmp.io
792 B
2 aidata.io
x01.aidata.io
1004 B
2 admedo.com
pool.admedo.com
784 B
2 w55c.net
pm.w55c.net
1 KB
2 socdm.com
tg.socdm.com
1 KB
2 emxdgt.com
cs.emxdgt.com
2 zemanta.com
b1sync.zemanta.com
576 B
2 deepintent.com
match.deepintent.com
83 B
2 technoratimedia.com
sync.technoratimedia.com
587 B
2 ipredictive.com
sync.ipredictive.com
856 B
2 stackadapt.com
sync.srv.stackadapt.com
336 B
2 advertising.com
pixel.advertising.com
726 B
2 turn.com
d.turn.com
ad.turn.com
859 B
2 sitescout.com
pixel-sync.sitescout.com
540 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 clickagy.com
aorta.clickagy.com
1 KB
2 adhigh.net
px.adhigh.net
823 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 connectad.io
i.connectad.io Failed
cdn.connectad.io
2 duhnet.tv
js.duhnet.tv
332 KB
2 bluekai.com
tags.bluekai.com
984 B
2 cloudflare.com
cdnjs.cloudflare.com
3 KB
1 opera.com
t.adx.opera.com
393 B
1 adtelligent.com
s.adtelligent.com
1 onetag-sys.com
onetag-sys.com
818 B
1 rees46.com
api.rees46.com
158 B
1 sniperlog.ru
sync3.sniperlog.ru
297 B
1 rlcdn.com
id.rlcdn.com
66 B
1 admixer.net
inv-nets.admixer.net
557 B
1 b-cdn.net
admost-banner.b-cdn.net
11 KB
1 performgroup.com
images.performgroup.com
3 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 daznservices.com
daznplayervod.daznservices.com
1 mackolik.us
mackolik.us
441 B
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
471 87
Domain Requested by
64 hb.adpone.com 32 redirects randiul.com
42 im.cdn.md arsiv.mackolik.com
36 randiul.com arsiv.mackolik.com
randiul.com
34 cm.cdn.md arsiv.mackolik.com
26 rtb.gumgum.com 2 redirects ap.lijit.com
rtb.gumgum.com
19 ce.lijit.com ap.lijit.com
us-u.openx.net
rtb.gumgum.com
18 cm.g.doubleclick.net 10 redirects ap.lijit.com
eu-u.openx.net
us-u.openx.net
rtb.gumgum.com
17 hm.cdn.md arsiv.mackolik.com
16 securepubads.g.doubleclick.net cdn.eksiup.com
securepubads.g.doubleclick.net
run.admost.com
arsiv.mackolik.com
www.googletagservices.com
15 run.admost.com arsiv.mackolik.com
go.admost.com
13 x.bidswitch.net 9 redirects ap.lijit.com
rtb.gumgum.com
12 ads.pubmatic.com ap.lijit.com
ads.pubmatic.com
rtb.gumgum.com
12 ads.betweendigital.com 3 redirects arsiv.mackolik.com
hb.adpone.com
ads.betweendigital.com
11 ap.lijit.com 5 redirects hb.adpone.com
ap.lijit.com
10 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
arsiv.mackolik.com
www.googletagservices.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
arsiv.mackolik.com
8 match.adsrvr.org 3 redirects eu-u.openx.net
us-u.openx.net
rtb.gumgum.com
8 us-u.openx.net 1 redirects ap.lijit.com
eu-u.openx.net
us-u.openx.net
8 sync.1rx.io 8 redirects
8 creativecdn.com 8 redirects
8 sync.bumlam.com 8 redirects
8 ec-ns.sascdn.com csync.smartadserver.com
7 sync.outbrain.com 5 redirects rtb.gumgum.com
7 eu-u.openx.net hb.adpone.com
eu-u.openx.net
us-u.openx.net
6 eus.rubiconproject.com hb.adpone.com
eus.rubiconproject.com
cache.betweendigital.com
6 ib.adnxs.com hb.adpone.com
acdn.adnxs.com
6 tr.hit.gemius.pl 3 redirects arsiv.mackolik.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 match.prod.bidr.io 2 redirects ap.lijit.com
eu-u.openx.net
5 sync.mathtag.com 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 sync-tm.everesttech.net 4 redirects
4 ad.360yield.com 4 redirects
4 p.rfihub.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ap.lijit.com
4 bh.contextweb.com 4 redirects
4 secure.adnxs.com 2 redirects ap.lijit.com
4 um.simpli.fi 2 redirects ap.lijit.com
4 sync3.adsniper.ru 4 redirects
4 static.criteo.net hb.adpone.com
static.criteo.net
4 platform.twitter.com arsiv.mackolik.com
platform.twitter.com
4 www.facebook.com arsiv.mackolik.com
www.facebook.com
4 www.google-analytics.com arsiv.mackolik.com
www.google-analytics.com
4 cdn.eksiup.com arsiv.mackolik.com
cdn.eksiup.com
ajax.googleapis.com
3 an.yandex.ru 1 redirects
3 pixel.rubiconproject.com
3 sync.targeting.unrulymedia.com 1 redirects rtb.gumgum.com
3 pr-bh.ybp.yahoo.com 2 redirects eu-u.openx.net
3 c1.adform.net 3 redirects
3 pixel.quantserve.com 3 redirects
3 cdn.dimml.io arsiv.mackolik.com
cdn.dimml.io
3 www.googletagservices.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.dk securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects arsiv.mackolik.com
2 www.tns-counter.ru 1 redirects
2 sync.1dmp.io 1 redirects
2 x01.aidata.io 2 redirects
2 pool.admedo.com 2 redirects
2 pm.w55c.net 2 redirects
2 rtb.openx.net 1 redirects eu-u.openx.net
2 tg.socdm.com 2 redirects
2 cs.emxdgt.com rtb.gumgum.com
2 b1sync.zemanta.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
2 sync.technoratimedia.com rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com rtb.gumgum.com
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 pixel-us-east.rubiconproject.com ap.lijit.com
2 pixel-sync.sitescout.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 aorta.clickagy.com 2 redirects
2 data.adsrvr.org ap.lijit.com
2 pixel-eu.rubiconproject.com ap.lijit.com
2 px.adhigh.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 csync.smartadserver.com hb.adpone.com
2 cdn.connectad.io hb.adpone.com
2 acdn.adnxs.com hb.adpone.com
2 gum.criteo.com static.criteo.net
2 syndication.twitter.com platform.twitter.com
2 prg.smartadserver.com hb.adpone.com
2 fastlane.rubiconproject.com hb.adpone.com
2 adpone-d.openx.net hb.adpone.com
2 bidder.criteo.com hb.adpone.com
2 adx.adform.net hb.adpone.com
2 www.google.com 1 redirects arsiv.mackolik.com
2 imasdk.googleapis.com arsiv.mackolik.com
imasdk.googleapis.com
2 str.hit.gemius.pl arsiv.mackolik.com
str.hit.gemius.pl
2 js.duhnet.tv arsiv.mackolik.com
2 tags.bluekai.com 1 redirects arsiv.mackolik.com
2 cdnjs.cloudflare.com arsiv.mackolik.com
2 ajax.googleapis.com arsiv.mackolik.com
2 arsiv.mackolik.com arsiv.mackolik.com
1 t.adx.opera.com
1 s.adtelligent.com
1 onetag-sys.com cache.betweendigital.com
1 api.rees46.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 ad.turn.com 1 redirects
1 id.rlcdn.com
1 ads.yahoo.com
1 image6.pubmatic.com ads.pubmatic.com
1 inv-nets.admixer.net 1 redirects
1 d.turn.com 1 redirects
1 cache.betweendigital.com ads.betweendigital.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 baltar.dimml.io cdn.dimml.io
1 static.hotjar.com arsiv.mackolik.com
1 googleads.g.doubleclick.net arsiv.mackolik.com
1 a5007bfe6c4fdb9e8afd529eafa94ee4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 admost-banner.b-cdn.net arsiv.mackolik.com
1 images.performgroup.com arsiv.mackolik.com
1 s0.2mdn.net imasdk.googleapis.com
1 daznplayervod.daznservices.com arsiv.mackolik.com
1 1a951e109e69191f710f7cfd579a753a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 b.scorecardresearch.com arsiv.mackolik.com
1 go.admost.com arsiv.mackolik.com
1 www.mackolik.com 1 redirects
1 mackolik.com 1 redirects
1 mackolik.us 1 redirects
0 ums.acuityplatform.com Failed ap.lijit.com
0 i.connectad.io Failed hb.adpone.com
471 128
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-17 -
2021-07-17		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.admost.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-19 -
2021-12-11		 2 years crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
*.google.dk
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
san2.daznservices.com
DigiCert SHA2 Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-11 -
2021-11-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2020-06-16 -
2021-06-16		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.srv.stackadapt.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-04-26 -
2021-06-16		 2 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
bs.yandex.ru
Yandex CA		 2020-12-17 -
2021-06-17		 6 months crt.sh
sync.1dmp.io
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
api.rees46.com
R3		 2021-03-14 -
2021-06-12		 3 months crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
*.adx.opera.com
DigiCert SHA2 High Assurance Server CA		 2020-05-18 -
2021-05-26		 a year crt.sh

This page contains 96 frames:

Primary Page: http://arsiv.mackolik.com/Default.aspx
Frame ID: 21C4979E59B0CE85500C801CE0271FA3
Requests: 154 HTTP requests in this frame

Frame: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Frame ID: 634C2DC1F0C034CE913B8204477D9357
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EBC4D768485854DD9F9AD3FCD74EC2CC
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Frame ID: 7C6EACDD0F7C69DCE85C97BE212AFC78
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.453.0_tr.html
Frame ID: 537D7025822C32949B8A48FC19E0F286
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4D9F6BD23421AE0216DB4740D3E021BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DB3505B2BC261E862C7DDCEA8F897B9D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Frame ID: FD89EDD31D3033F27CD38DC1FBDEC606
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoM4raqKloMW-H2d3KnOyL8UuvGH0v0kKbFInlfXplx-2nQnUWP3LI702_2DfP7_O3Zz1TzoPUCpd1SwaspxfhemTGgn1ShjLX-_GLFn7XTxiYSmnPRBuc_EJ_Mq3VaEi7fIRKz2wsx-_5jepom0JUe2ThFyaBDi3nlD01M0Ck5zhNLPNrcGLMHb4y0wqaYzmJwGCyZPwMtvia6CNMrK15rvfBv5zah77Y-Ig1aJl643CcpLjHl1T4w-Ga8ngRtkNEq9IuRflZEIJGAX6ydbmOGsvq1DeayqvgyZdrJOyt2cAlwl9kkalGPGDBSGCKgSHulJJqb04VkU9xqRoQgkPPcj4REVQgne__80ZVKJS6SY78CvaWOEofIpVwQ1giVnw&sai=AMfl-YT3fhtR4rQEC92jz0zEYUNFUFkmOSXTTrN6KJL16jh_iwVgWAsqc6tfjpAqQtccNWoa1Rv_PL0nuxr9ibSWoribSQedw3QzMCs2dHpOxUFUZhALX5sjZuihUXjtiffL&sig=Cg0ArKJSzL6m0CyB0jlREAE&urlfix=1&adurl=
Frame ID: 54609A495C0B6F3CF6B9BF3116B6B5DA
Requests: 7 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=8ef9bd6b8e048d32d0b2ff4a99f285d44&cb=9723681620197912330
Frame ID: 583DE1DF2B119D19964AAF749A12A75E
Requests: 13 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=338836b239eb58ab68f020dc96c7a2693&cb=0212951620197912332
Frame ID: 0D1E8328A4C9F80185F701FC76AF4BBB
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usync?i=zq0eqoihjfrx9ad8e0hw3&a=5e6f139c1ae4cbad3ebc43032e98ea8b9&cb=8016981620197912334
Frame ID: 410E846D90DDDDFCAC7FC941E5C7932A
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=zq0eqoihjfrx9ad8e0hw3&a=18cf07a61619546a36c7e896f40ac6257&cb=5701391620197912335
Frame ID: EDCBF4D5561534E89235531F14895E5E
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usync?i=zq0eqoihjfrx9ad8e0hw3&a=3f499d6a7bf8f602abf6be5feb7273b25&cb=7373141620197912336
Frame ID: 87388C4EBEA5E7A39B81C6A19CE0C38C
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=f2c4e28747c8df2380f8160d234201fd1&cb=0160311620197912337
Frame ID: 269DDEAA9D3DA9DC9308DF7357950AB1
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=d632e1ca224d67be481c7981c0a176605&cb=5521191620197912338
Frame ID: D8EAF9D85CC5B6B91C10E15FEE3BF850
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=zq0eqoihjfrx9ad8e0hw3&a=01112305d45c5056cbc035f5fc57d3bf5&cb=7352291620197912339
Frame ID: 84A570214880DFD8A13844B64FF0A324
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=e783a21ce56e0f1acea725538d6aee661&cb=0655181620197912340
Frame ID: 82D9C972DAC28339A81BCDBBE5A2A269
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=3dc8884a491de59d16b77a88945d48e49&cb=1381441620197912341
Frame ID: 4A97FB6817C2DA47F2C1DF69DE3A40CE
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=7053a6ae81a2e63879a3b9be890e65827&cb=0218251620197912342
Frame ID: 883A2343BE868B31295D841A5D1916F2
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/count?i=zq0eqoihjfrx9ad8e0hw3&a=cecce1f1c5bb204b95519946123c157b3&cb=0252191620197912342
Frame ID: BCE46E430402707490723E46A676E1E9
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=31cd47ff3d08c30def2fca0fb13e6dab1&cb=7307121620197912343
Frame ID: 0A337329A8678994FAE3112818B8F952
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=ecb56141ce8fdaa023ddf833e29988cb7&cb=9768171620197912344
Frame ID: D10B6FB632CC6293343743C9AC517F82
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=ff96599e11d24f608b64deb3cc47ac9c1&cb=2915131620197912345
Frame ID: 08457482E8A625B7671A5263B4ED6861
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usersync?i=zq0eqoihjfrx9ad8e0hw3&a=46e0bed5c89fd1e248e629a10d5ad0f95&cb=4837381620197912346
Frame ID: 61BA5EDC3AFDD1A8105BA64E80ED6D0D
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Frame ID: 80F40CAEA6339B2B8CDFEF42DD63C8CB
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLq-rXAhlQwKhMnpSKu-Zk1_hEb87PJtcuZXepVkWgHtjm6hP_F5YbvCoTwOquRj99R86pVt-_ODrL8QP3TFFHhKLHw6iQHjIlxIv2PGp5dlJa3L64uxrB0MExX_og_GiSt7Ok80-K_QdHug-eN13sfd3FwCDDyT900RQofqsS5Z6iEHd8wmDeM2iJVN5erund4xG6mmdup11o0KOd4XyRlT68qe6TRW4qJAZEl_Ud3ymxIR4XXuW-swz8syKO34vDvz--ZqCpe468dkGDjAY8AfIkyCV4FFxYVPbquXTrnVNMLQZdKrN6G6ldQXvpbhDJRtdd-hhuQbfnmfMvwzTaOoEf8JAfATticTJa98exnvXvznkU1efZ&sig=Cg0ArKJSzLOBS5alQkO7EAE&urlfix=1&adurl=
Frame ID: 2A54E0183BD6B708A96BA56583A1E1DA
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 8661F57EF660CD697A2733DFF29AF9C9
Requests: 1 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc8&cb=6384361620197912845
Frame ID: D8B89C66DE9D2D74DCDB46DB46F6F96C
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11385&cb=2676651620197912848
Frame ID: F97445D3EFD6A68642BA0DBE64420A32
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b1&cb=9599711620197912850
Frame ID: E781B0ED3CF5743B03DE57241C8015A5
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11201&cb=7791831620197912851
Frame ID: 3F3E8A3AC1C0BEB93396256A8C5E0740
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144631&cb=6726021620197912852
Frame ID: 81E3FA9D37CDF27A707BC3E644E43D87
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d19&cb=9949931620197912853
Frame ID: 2F293CD1040DCA36C8675B2DCB9A17DC
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b41&cb=1235801620197912853
Frame ID: DEC1CDDF9D9418F5815A3699C060DBCB
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d7&cb=8445611620197912854
Frame ID: 57BA190434C07E60D6B309177BCC8CC2
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d7&cb=7231011620197912855
Frame ID: 551DDBABB0CAAEEDD838C147AAF3E798
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c61&cb=7295371620197912856
Frame ID: 9404A6C4E5F2EA34C69FEC8D4995E15B
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d87&cb=8867091620197912857
Frame ID: A225E9BF4476958F1AB25FF03A7B4D5A
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf5&cb=4240821620197912858
Frame ID: 3997C78A8ABD9DE57A027D554B6B3BCB
Requests: 13 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f9&cb=9721691620197912858
Frame ID: EF23076BFC94ED02353A9390CA4F85EF
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f49&cb=8885201620197912859
Frame ID: 4E9CC2F7713EB23F6E93899738400CF4
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab5&cb=9776721620197912860
Frame ID: CD491C0392A794990F977449049D472B
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3511&cb=3009041620197912861
Frame ID: 1F1DEE3E43C469BE6BAE348F2F6FEB77
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
Frame ID: 364763B87D3335D39A0224058EA69DAF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D3E27487E9FD176E2A8803538DDDD2B4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Frame ID: 5D02E9733BC68BCFAB1160EE204D8A35
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Frame ID: 303C45D43C2C54BBF48B9C77CE367380
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 556C8D9624FE6DB48699FB0BCCF10738
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 11F1FC49B958F005E792E7DCF72AF3CF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3444AE774AA1FFE577CD80CED5E4C261
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 78015A66A4A45554F209F17385668368
Requests: 10 HTTP requests in this frame

Frame: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Frame ID: ED193F2488B0D5B7BEC451AC964EA4AE
Requests: 5 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Frame ID: 364D3975A90D5CC7B19EDFA07B3FDDD7
Requests: 7 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 3FEB502E2D66C1204BDC21FB1B2895B1
Requests: 21 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=635e20d7-a90a-527d-b5dc-7616d54e340e&CACHEBUSTER=469458
Frame ID: 4BBBEC3954E2375D12E09E216882A1B1
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 0D525E25EB1BC66E55C829B68EEC4118
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 59E084C73EBD3446ECF201F74BA9B04D
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3970996078544791315&gdpr=1&gdpr_consent=
Frame ID: B82C2FA15F2DF8139D4878F9914A3FB5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 1D606B0BE05917F47B76A08A3655ED2B
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 9E280822800588A15D1948120B071869
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F24CDFE95AE65E559D12A002F952083B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B0FB494D3DAF9AB216D87F7F68904C7F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=81816092-421b-4800-a4cf-b3d8fcb1ceb3&gdpr=1&gdpr_consent=
Frame ID: 02960B51EB00824C08085B43B9191F3C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAuMf_OQAC&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC
Frame ID: 955854A0522BC85E82AB9264537D6658
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYWI1YmViNC04YmY5LTRhZDItODk4Ny1mNzc1ZGZjNjQzYmY=&gdpr=1&gdpr_consent=
Frame ID: B668EAD7E6182DDCF9DDCA3D0A5ADACE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 1AE2405CCC672B5D7CA2FF5D92C210C0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: AE889532BB637EA756DF832B353CF073
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 668A90B2705805CDF6CE5A9C3E4D9900
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2K5EAAAAA
Frame ID: F16D743221B3924BE570FB54C4C51787
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1875819619529322333
Frame ID: 1D220AB8148288FD15330862F91EAB8D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
Frame ID: 388A2ED8BDB61822BF1E7E37B440FF2C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5C37DC42C24A381CBF3FE7348DA4092C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: C61B86AB010DD85CAC87EFD73CD18010
Requests: 1 HTTP requests in this frame

Frame: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Frame ID: 350680F0F92C8DD0AF048DB1852872DB
Requests: 5 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Frame ID: E080C3A05D80EB34A274B3F20D4D40B7
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 341C86B39B29AFBED12DFF086C936488
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A3A6444B1F5688232C39424ECEC1E48E
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 6DD954D02DFE010343FCF06CB6662883
Requests: 18 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 215BC3847FB2AF253B77368826BC768E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 568D027CD0224274E419A2E9FB294A0E
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 6F3B4A4EC77C8F61517FC2BAC11811BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: E0FC58D1C6DA6D75E96F6DB64173C794
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FCE542F09271FE84C2BE5540B2B3B44D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 16DBB9FEAF59B4310EB781C8656ABECC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAviu1qAA4&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4
Frame ID: 1B959B32BB09D3FB46790793D46DCFE9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYWI1YmViNC04YmY5LTRhZDItODk4Ny1mNzc1ZGZjNjQzYmY=&gdpr=1&gdpr_consent=
Frame ID: 92A93E72711575AF00BB0AE173C890BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: DFCF2ABA8DC13BE51A3ED7056E81E744
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 626A9252AB4F4B3EF1E979CBD28F4E5E
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 66C14E71E022A703E37CE181A40C4B17
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2LAEAAAAA
Frame ID: 72576D450F975CABFE04AB6D5FAD7356
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316019771555001
Frame ID: 932CBC926DA7124EC56DD968E577943B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
Frame ID: 396D4F2AA0385D7ABB8EBC4423D72EE2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9B47C41265A41ACB2537219D36C6F67A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 49230570265899EEFF68A454FB8E91CE
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 5990B1D96D22FEB89EA24FA6ACA0300D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mackolik.us/ HTTP 301
    https://mackolik.com/ HTTP 301
    https://www.mackolik.com/ HTTP 302
    http://arsiv.mackolik.com/Default.aspx Page URL

Page Statistics

471
Requests

62 %
HTTPS

30 %
IPv6

87
Domains

128
Subdomains

91
IPs

14
Countries

6135 kB
Transfer

22752 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mackolik.us/ HTTP 301
    https://mackolik.com/ HTTP 301
    https://www.mackolik.com/ HTTP 302
    http://arsiv.mackolik.com/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Request Chain 52
  • http://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik HTTP 301
  • https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197910889&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197910889&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
Request Chain 92
  • http://tr.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com HTTP 301
  • https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Request Chain 113
  • http://tr.hit.gemius.pl/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=X_ZxgQIf_mZ_ddNVBpIGQ3gKip3OFrlR46eRP.Tdikr.I7&vis=1 HTTP 301
  • https://tr.hit.gemius.pl/_sslredir/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=X_ZxgQIf_mZ_ddNVBpIGQ3gKip3OFrlR46eRP.Tdikr.I7&vis=1 HTTP 301
  • https://tr.hit.gemius.pl/__/_sslredir/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=X_ZxgQIf_mZ_ddNVBpIGQ3gKip3OFrlR46eRP.Tdikr.I7&vis=1
Request Chain 131
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651 HTTP 307
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Request Chain 173
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 207
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 208
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 210
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 211
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 212
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 215
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 216
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 222
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 223
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 224
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 225
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 226
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 227
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 239
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=8732287839657384&tz=-120&fl=0&rr=false&s=4022876&bidid=18c87a54cd58548&transactionid=25c8fb57-b13f-4815-9f82-43e734a1d35d&auctionid=1bbfee15-cae6-49b7-9b74-f79c796a27b2&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=8732287839657384&tz=-120&fl=0&rr=false&s=4022876&bidid=18c87a54cd58548&transactionid=25c8fb57-b13f-4815-9f82-43e734a1d35d&auctionid=1bbfee15-cae6-49b7-9b74-f79c796a27b2&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com&crf=1
Request Chain 241
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 242
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 243
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 265
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 266
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 267
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 268
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 269
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 270
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 271
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 272
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 273
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 274
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 275
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 276
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 277
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 278
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 279
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 280
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 293
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=f243edc9-f9b2-4c35-b657-e19a2ec6b733&ssp=between&expires=30&user_group=5&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
Request Chain 322
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usd5EpCf1p0i.AikABlF5O1I-CA
Request Chain 323
  • https://sync.bumlam.com/?src=bw1&uid=635e20d7-a90a-527d-b5dc-7616d54e340e HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABichMmEBlIFvp7KygpiJDYzNWUyMGQ3LWE5MGEtNTI3ZC1iNWRjLTc2MTZkNTRlMzQwZQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARichMmEBlIFvp7KygpiJDYzNWUyMGQ3LWE5MGEtNTI3ZC1iNWRjLTc2MTZkNTRlMzQwZaIBEFFXmeCtbxHrilMMxHptL-8* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABichMmEBmIkNjM1ZTIwZDctYTkwYS01MjdkLWI1ZGMtNzYxNmQ1NGUzNDBlogEQUVeZ4K1vEeuKUwzEem0v7w** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARichMmEBmIkNjM1ZTIwZDctYTkwYS01MjdkLWI1ZGMtNzYxNmQ1NGUzNDBlogEQUVeZ4K1vEeuKUwzEem0v7w** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=515799e0-ad6f-11eb-8a53-0cc47a6d2fef
Request Chain 324
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=a6b82fac6adad984288825a4
Request Chain 328
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=a6b82fac6adad984288825a4&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=17cb6092-421b-4800-8105-ce9938a8b699&gdpr=1&gdpr_consent=
Request Chain 330
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a6b82fac6adad984288825a4&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
Request Chain 331
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NEaEhTZEjNQvRozRNBWQ0TJDjYQvEI2FNUJoANZL
Request Chain 332
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=c5a0236b-eac9-4ce0-8f64-a7f1458969f5
Request Chain 333
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
Request Chain 334
  • https://um.simpli.fi/lj_match?r=1620197915952&gdpr=1&gdpr_consent= HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 336
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 337
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Request Chain 338
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 339
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 340
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=iBnq2cTXuUvd&ev=1&pid=558511&gdpr_consent=&gdpr=1
Request Chain 343
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Request Chain 345
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=875739026507493165
Request Chain 348
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3970996078544791315&gdpr=1&gdpr_consent=
Request Chain 351
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a24c6092-421b-4400-a0e1-90ca2eda564f
Request Chain 352
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=krNx85CxeaKJs3r1k7Vl8J2xf_OJtizxkbI1cYhh
Request Chain 353
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8627405310273043880
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
Request Chain 360
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81816092-421b-4800-a4cf-b3d8fcb1ceb3
Request Chain 361
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UoYO91CEBqZJhgajUtUao1SDB_ZJ0Af3U4L05lvq
Request Chain 362
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2510563670617975227
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
Request Chain 368
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3Dfb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=fe05b4b525734d04af8082ffa3a96f01&ssp=between&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3&gdpr=&consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=354&user_id=fe05b4b525734d04af8082ffa3a96f01&ssp=between&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3&gdpr=&consent=&gdpr_pd= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb&crf=1
Request Chain 370
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
Request Chain 372
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Hk_edlfnwm8wx721U4AZVTknnYpHeUgH6-N5SYA2BXGdGOX7ksSqkJ9aWLUCEoDz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Hk_edlfnwm8wx721U4AZVTknnYpHeUgH6-N5SYA2BXGdGOX7ksSqkJ9aWLUCEoDz%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&obuid=ENC(Hk_edlfnwm8wx721U4AZVTknnYpHeUgH6-N5SYA2BXGdGOX7ksSqkJ9aWLUCEoDz) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UP51dec174-ad6f-11eb-a994-026588a07cae HTTP 302
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UP51dec174-ad6f-11eb-a994-026588a07cae&verify=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP51dec174-ad6f-11eb-a994-026588a07cae
Request Chain 373
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=07112c88-06cd-0324-1584-0805e6dfaf0c
Request Chain 375
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-VEUSVVZE2pdu7KqqAZfri9.vCYA_wftYaR8t~A
Request Chain 376
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=51ab0755-ad6f-11eb-b7dd-3faee0f336a3
Request Chain 379
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 380
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=c39f4aaf-54eb-49ca-97f5-e9ef1a7b8fa9
Request Chain 381
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1359765904 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1359765904 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/55190a47-a515-474d-a0ea-c177092f9d08 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9d954441-2757-4671-a350-39c57553a1c5-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-9d954441-2757-4671-a350-39c57553a1c5-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-9d954441-2757-4671-a350-39c57553a1c5-003
Request Chain 382
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=ktylFM2yZ5q5&ev=1&pid=558355
Request Chain 384
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=81816092-421b-4800-a4cf-b3d8fcb1ceb3&gdpr=1&gdpr_consent=
Request Chain 385
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAuMf_OQAC&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC
Request Chain 390
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2K5EAAAAA
Request Chain 391
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1875819619529322333
Request Chain 392
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
Request Chain 393
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XDylHb5pIazBDHhAtt1v_Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=775628617736400500
Request Chain 394
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB406GZ-11-D31I&sigv=1&esig=2~a6b4fa24d7767a76208ab1cf60504607aa1b1d63
Request Chain 395
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=81816092-421b-4800-a4cf-b3d8fcb1ceb3
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKg3YELe8xxVop0pCIph7xM&google_cver=1
Request Chain 397
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI2Zjk4MmQ2MmM4ZDRmMjM4NWI3ZmYxOTM2Y2U5ODNkMjk2MDdiMA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI2Zjk4MmQ2MmM4ZDRmMjM4NWI3ZmYxOTM2Y2U5ODNkMjk2MDdiMA&google_tc=
Request Chain 399
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CNDA2R1otMTEtRDMxSQ== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CNDA2R1otMTEtRDMxSQ==&google_tc=
Request Chain 415
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1870471594856902473
Request Chain 418
  • https://um.simpli.fi/lj_match?r=1620197916436&gdpr=1&gdpr_consent= HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 420
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a6b82fac6adad984288825a4&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
Request Chain 421
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
Request Chain 423
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 425
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Request Chain 427
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=nzZMsbFj7ikW&ev=1&pid=558511&gdpr_consent=&gdpr=1
Request Chain 428
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 430
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 431
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Request Chain 435
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3970996078544791315&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 436
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=L3oCxIdeglyUi1Rf_ZaU8A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 438
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LNLAemri1LEbut5
Request Chain 439
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1d37afb3-955e-421a-b723-b7f59baf9d74&user_group=1&ssp=openx&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
Request Chain 440
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSzQwN0JKSVFBQUN3QWNTNElvZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 443
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
Request Chain 445
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28CLcQimDYkPwGJyHtBKcvKGgIvEIJ_DtE7NM5a3_pSFidJMaTWy3_6CzLGCIF7GqQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28CLcQimDYkPwGJyHtBKcvKGgIvEIJ_DtE7NM5a3_pSFidJMaTWy3_6CzLGCIF7GqQ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&obuid=ENC(CLcQimDYkPwGJyHtBKcvKGgIvEIJ_DtE7NM5a3_pSFidJMaTWy3_6CzLGCIF7GqQ) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 447
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=51bb0cd6-ad6f-11eb-9401-21b6d33ec6a7
Request Chain 450
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 451
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=5b2d2080-3de2-4f49-9af7-9e063c8a6339
Request Chain 452
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3718062467 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/55190a47-a515-474d-a0ea-c177092f9d08 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9d954441-2757-4671-a350-39c57553a1c5-003
Request Chain 453
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=Fb3VGNVg90YR&ev=1&pid=558355
Request Chain 455
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4 HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAviu1qAA4&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4
Request Chain 460
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2LAEAAAAA
Request Chain 461
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019771555001
Request Chain 462
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
Request Chain 466
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABighMmEBlIFl4XSlAY* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARighMmEBlIFl4XSlAaiARBShKCwrW8R66DXACWQ5Fw4 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABighMmEBqIBEFKEoLCtbxHroNcAJZDkXDg* HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARighMmEBqIBEFKEoLCtbxHroNcAJZDkXDg* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5284a0b0-ad6f-11eb-a0d7-002590e45c38 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5284a0b0-ad6f-11eb-a0d7-002590e45c38&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=VereIbRCR1wL8ce406Y4mA& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=VereIbRCR1wL8ce406Y4mA&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=VereIbRCR1wL8ce406Y4mA&extra2=aidata&google_gid=CAESEORFg7MFn4H0MhOwi9yTOt8&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=VereIbRCR1wL8ce406Y4mA&extra2=aidata&google_gid=CAESEORFg7MFn4H0MhOwi9yTOt8&google_cver=1 HTTP 302
  • https://an.yandex.ru/setud/adsniper/43DC375E76D49513?sign=3129796333 HTTP 302
  • https://an.yandex.ru/setud/adsniper/43DC375E76D49513?redir-setuniq=1&sign=3129796333
Request Chain 467
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 470
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=635e20d7-a90a-527d-b5dc-7616d54e340e HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=635e20d7-a90a-527d-b5dc-7616d54e340e&cs=1
Request Chain 471
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/469458 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/469458
Request Chain 473
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=635e20d7-a90a-527d-b5dc-7616d54e340e&expires=30 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb?zcc=1&dspret=0&cb=1620197921819 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fb52c2fb-7462-4fe4-a45d-8cf9a7bafd8c-003
Request Chain 475
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F635e20d7-a90a-527d-b5dc-7616d54e340e HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/635e20d7-a90a-527d-b5dc-7616d54e340e

471 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Default.aspx
arsiv.mackolik.com/
Redirect Chain
  • http://mackolik.us/
  • https://mackolik.com/
  • https://www.mackolik.com/
  • http://arsiv.mackolik.com/Default.aspx
86 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.71 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s3) / ASP.NET
Resource Hash
f2746d579ec65d660dbf80cd603d3aa0d9e00378fcf9d912fef9989a1e044920

Request headers

Host
arsiv.mackolik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
CCAcc (1.0.1/izm-nvme-s3)
Date
Wed, 05 May 2021 06:58:29 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
public, max-age=45
Expires
Wed, 05 May 2021 06:58:39 GMT
Last-Modified
Wed, 05 May 2021 06:57:39 GMT
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
sloc
487
s
90
X-US
HIT
Content-Encoding
gzip

Redirect headers

server
AkamaiGHost
content-length
0
location
http://arsiv.mackolik.com/Default.aspx
cache-control
max-age=0
date
Wed, 05 May 2021 06:58:30 GMT
x-content-type-options
nosniff
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; connect-src https: wss:; font-src https: data:; media-src https: blob:;
strict-transport-security
max-age=63072000
x-xss-protection
1
x-frame-options
DENY
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 05:27:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
5433
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
93435
X-XSS-Protection
0
Expires
Thu, 05 May 2022 05:27:57 GMT
jquery-ui-1.8.23.custom.min.js
cm.cdn.md/js5/jquery-ui-1.8.23.custom/js/ 		200 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.23.custom/js/jquery-ui-1.8.23.custom.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Sep 2012 09:04:06 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"d7ff178d339acd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery-ui-1.8.20.custom.css
cm.cdn.md/js5/jquery-ui-1.8.20.custom/css/custom-theme/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/css/custom-theme/jquery-ui-1.8.20.custom.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
71da956c41c2147c988d4d8c98db749c20b9e4f50f51a4a8c665c12c962d54b3

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
33346
Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"53e64cf03e75cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6510
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.jsonp-2.1.4.js
cm.cdn.md/js5/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery.jsonp-2.1.4.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 12:10:55 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"3375d2e5c57ad11:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.ui.datepicker-tr.js
cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/ui/i18n/ 		882 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/ui/i18n/jquery.ui.datepicker-tr.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
1c0ebfe3482cef643ce84216797b38555c84feacc385807066ce1c9d34c12f26

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Last-Modified
Wed, 08 Aug 2012 08:22:26 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"f3f370f13e75cd1:0"
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
882
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.ui.datepicker.css
cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/themes/custom-theme/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/themes/custom-theme/jquery.ui.datepicker.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
6793b37a48a4b85151458405cf6c5b9e4f18039328cb14fc8e32e29177a08b65

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
4088
Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:25 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"83c221f13e75cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1127
Expires
Fri, 04 Jun 2021 06:58:30 GMT
rupmackolik.com.arsiv.js
cdn.eksiup.com/api/special/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91365534c6efb0b5b61a167af1e26b5be0cc73a60db9d1cfb898bb2adc6d3bb6

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
56852
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dceb417900001f51d30ad000000001
last-modified
Tue, 04 May 2021 15:10:17 GMT
server
cloudflare
etag
W/"609163d9-1beb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pCQzmkGP9tCSBa4mNeGifAWluwnBuQTAonBqoYqENinBAgYbAQ1F6qjfHIO1zzlRuVwUxeNh8fxmgxySG3J%2BsyJd1pCCHcJa28SMDJ%2B0B%2Bez5wMAu4%2FmOqqvLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
64a814af2cc21f51-FRA
expires
Tue, 11 May 2021 15:10:58 GMT
jquery.autocomplete.min.js
cm.cdn.md/js5/jquery-autocomplete/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-autocomplete/jquery.autocomplete.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
c13f5ac7ae0e10138056f4c238226392ad28e883f78d3e19fb43dcb9c1b58582

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"435534f03e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
script.js
cm.cdn.md/js5/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/script.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
b653f066f750ee7c49d7625ecca7cf8c9aa713e7c2aed11255c663b43479d732

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Apr 2020 13:00:48 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"4d135ee38fd61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
validator.js
cm.cdn.md/js5/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/validator.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
fa589b0dc7e5cbc8fb038114db91bb6ecd872408092a0624fb47e798db79f56f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:21 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"e316caee3e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
UrlHelper.js
cm.cdn.md/js5/Mackolik/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/Mackolik/UrlHelper.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
873ebd413711780ef503eb0d9adc5f26a8f1addb18e5b407fb345ec51d61a61e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Nov 2018 13:02:02 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"824f6d8f6382d41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
json2.js
cm.cdn.md/js5/Mackolik/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/Mackolik/json2.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
c1517ff23b17159795e65199e7fc06805bc36c10fe95ef8cd6b696b0fc3b7744

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2012 12:22:46 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"6aba4c78189bcd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
User.js
cm.cdn.md/js5/Mackolik/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/Mackolik/User.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
8985bad9bc1075a1519bc3cc1baba8fd995256b3f8f6d6a511de5302077a05fd

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 May 2018 11:57:00 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"513f3dfc7af6d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.fancybox-1.3.4.pack.js
cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.pack.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:22 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"e3b5eeee3e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.fancybox-1.3.4.css
cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
0be4f543ecce71aa0e5096763d2834f52ff57e754e2f549219c3148c17534aab

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
9524
Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:22 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"432fedee3e75cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1923
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.autocomplete.css
cm.cdn.md/js5/jquery-autocomplete/ 		845 B
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-autocomplete/jquery.autocomplete.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
43522c2bf8d77ccab466f6334c7621176e0bcb6fe8604de4f56a2b6f8f615e0d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"4322df03e75cd1:0"
ntCoent-Length
845
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
447
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.bxSlider.js
cm.cdn.md/js5/bxslider-1324b6e/source/ 		43 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/bxslider-1324b6e/source/jquery.bxSlider.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
ff9e832991a492c92de8dca85225f55e5f19b3290292f411c9ef2ba31e59bdee

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2012 08:16:00 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"8db84a3f6b0cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
bx_styles.css
cm.cdn.md/js5/bxslider-1324b6e/bx_styles/ 		2 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/bxslider-1324b6e/bx_styles/bx_styles.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
da6abd5cd7d7da4e9caaee5f07b1a613641a2ddb09f0934917fa7b31003c7797

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
1554
Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2012 08:16:00 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"e59dfea2f6b0cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
586
Expires
Fri, 04 Jun 2021 06:58:30 GMT
master.css
cm.cdn.md/css5/ 		83 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/master.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
12bb3a8cbbbbe578fc0e90eae189437733fc4cae4a46679c6e0e5269fde0932e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
84700
Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2016 12:04:10 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"cc1d9c5f383fd21:0"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
CookieManager.js
cm.cdn.md/js5/Mackolik/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/Mackolik/CookieManager.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
a156603d59ff5dfa2ffadffe143de68ce7eb50071ba19a45ccaa2c54d7beb1cc

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2012 12:22:46 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"b974478189bcd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
Coupon.js
cm.cdn.md/js5/Mackolik/ 		126 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/Mackolik/Coupon.js?v=31.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
f46774ce119fe427877f181509287b971834830f0b61155e904d123bfce03bfe

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 May 2020 13:12:28 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"71eb82cdba35d61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
Analytics.js
cm.cdn.md/js5/Mackolik/ 		309 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/Mackolik/Analytics.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
98ed689434c165dcaee863a2f9d1880d3c8827f1133a1ff1051e74d2e2b51166

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Last-Modified
Fri, 18 Nov 2016 09:03:36 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"d06d97a57a41d21:0"
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309
Expires
Fri, 04 Jun 2021 06:58:30 GMT
porthole.js
cm.cdn.md/js5/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/porthole.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
8ec3eb4e98e6667ad6a6ab471e6de5ba7d8bdd2caedde38d888ba5dfaad30599

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:21 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"131bc8ee3e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
trivia.css
cm.cdn.md/css5/trivia/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/trivia/css/trivia.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
1e089fe4af7bafaac381f0e4504e20ec5251795a7024ad64ecbda182d73dd2cb

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
9300
Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"11bf32b0a587ce1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1939
Expires
Fri, 04 Jun 2021 06:58:30 GMT
notification.css
cm.cdn.md/css5/trivia/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/trivia/css/notification.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
0f2942b414a2db8e19bc57379fc2292df05dc4fa675979aa7063af6e5fa36d34

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
6592
Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"fbe7efafa587ce1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1539
Expires
Fri, 04 Jun 2021 06:58:30 GMT
Profile.css
cm.cdn.md/css5/trivia/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/trivia/css/Profile.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
99b5e9bdcd8b2fe01d9952d123885bbc4d0b9db3c6ac42774e82607ca0bd3147

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"6671cb0a587ce1:0"
ntCoent-Length
24139
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5058
Expires
Fri, 04 Jun 2021 06:58:30 GMT
ProfileButton.css
cm.cdn.md/css5/trivia/css/ 		364 B
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/trivia/css/ProfileButton.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
796027d4dba4cd6269e6f40609144c06aaff52be2ae40faa09e8240d19d0215f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jul 2013 12:20:15 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"aacf3017a79ce1:0"
ntCoent-Length
364
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
230
Expires
Fri, 04 Jun 2021 06:58:30 GMT
Tooltip.css
cm.cdn.md/css5/trivia/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/trivia/css/Tooltip.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
a54bba77b3aeac1b0a38caee5711c2c452e3eac65ae4238f5b0716b9436e6e56

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"79222b0a587ce1:0"
ntCoent-Length
6699
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1525
Expires
Fri, 04 Jun 2021 06:58:30 GMT
Share.css
cm.cdn.md/css5/trivia/css/ 		320 B
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/trivia/css/Share.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
1820b768bbed677d552ebb3a64b1141c0c48c64acd3dba9cd63c188ca5c87da9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"88bfcb0a587ce1:0"
ntCoent-Length
320
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
182
Expires
Fri, 04 Jun 2021 06:58:30 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3750637
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1628
cf-request-id
09dceb3f760000074acfa42000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-1207"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5R%2FCYEB%2F6RUBERoiiYk6uY3sCfLin0DPxogP%2FbXUZj3veDGO67Dl%2F7QLy84AjuUqvl5Qa9q%2FEj%2BQpqaYhZ6vEn7omBhSp6IPsy%2BJ2bLnD35Y6PDVOi6Arqu7amoCDplvPA%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64a814abebc9074a-FRA
expires
Mon, 25 Apr 2022 06:58:30 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Non-Authoritative-Reason
HSTS
iddaa-icon.png
im.cdn.md/img5/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/iddaa-icon.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
b08835e0e96d0237ab2ed9d316a032b5219ed5b68c201cca1eb48180aa13149e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"91468aa34b81cd1:0"
Last-Modified
Thu, 23 Aug 2012 16:23:32 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1648
opta_logo.png
im.cdn.md/img5/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/opta_logo.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
5d0070afe85ad97f374bb2c0e442853497a1c9aba921a320c7667ffc3cd6d34a

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"ae6b7bbd5c41d01:0"
Last-Modified
Thu, 05 Feb 2015 15:59:36 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3509
galleryview.css
cm.cdn.md/css5/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/css5/galleryview.css?v=1.20.06
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
a91d2339b87d400657d27011d1e418ad9e65d7d60727101a64f12278b42f5412

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2012 12:22:42 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"e2a8e76189bcd1:0"
ntCoent-Length
2168
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
961
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.galleryview-1.1.js
cm.cdn.md/js5/jquery-galleryview-1.1/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.galleryview-1.1.js?v=1.20.06
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
ccfbcccdd761f6901f9c2225e022cc7fd07f82a15df3170c210996e9d6cae089

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Jul 2013 11:37:55 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"6e9e23ea1882ce1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.timers-1.1.2.js
cm.cdn.md/js5/jquery-galleryview-1.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.timers-1.1.2.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"53ed36f03e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
jquery.easing.1.3.js
cm.cdn.md/js5/jquery-galleryview-1.1/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.easing.1.3.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"53ed36f03e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:30 GMT
chelsea-real-madrid-04272021-b.jpg
hm.cdn.md/img/haberbuyuk/c/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/c/chelsea-real-madrid-04272021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
dce881df37ece3503fb95205b1392bb7c8c1aabc95d084e4d0df71ceef7a39c1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"305a565aab3bd71:0"
Last-Modified
Tue, 27 Apr 2021 21:21:57 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49137
Expires
Fri, 04 Jun 2021 06:58:30 GMT
manchester-city-gol-sevinci-05042021-b.jpg
hm.cdn.md/img/haberbuyuk/m/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/m/manchester-city-gol-sevinci-05042021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
fc4c88210236fb8e2e96c0e8b048470b77b6a6067a20c8d1a18e0b94085b06e2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"90d1a3852841d71:0"
Last-Modified
Tue, 04 May 2021 21:00:32 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63871
Expires
Fri, 04 Jun 2021 06:58:30 GMT
anadolu-efes-real-madrid-05042021-b.jpg
hm.cdn.md/img/haberbuyuk/a/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/a/anadolu-efes-real-madrid-05042021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
87067822b7a1880e918f8d8648a8df3bbc9ac01c1fb0cec2aefa15e8f5751ec8

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"b033ed191441d71:0"
Last-Modified
Tue, 04 May 2021 18:34:22 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55316
Expires
Fri, 04 Jun 2021 06:58:30 GMT
berat-ozdemir-trabzonspor-05032021-b.jpg
hm.cdn.md/img/haberbuyuk/b/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/b/berat-ozdemir-trabzonspor-05032021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
7709df895a6a66348aaf1b8045c84eb9032075ec9e2f94ef03a2ca03b01c35f9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"10dc701ffb40d71:0"
Last-Modified
Tue, 04 May 2021 15:35:33 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26588
Expires
Fri, 04 Jun 2021 06:58:30 GMT
fenerbahce-beko-05042021-k.jpg
hm.cdn.md/img/haber/f/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/f/fenerbahce-beko-05042021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
03c5ecd23de9807d07b82e5273dac606b5369ce5e1f838593f0a672408917032

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"90b53064641d71:0"
Last-Modified
Tue, 04 May 2021 16:56:13 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
Expires
Fri, 04 Jun 2021 06:58:30 GMT
JoseMourinho_TottenhamHotspur_2020-21_k.jpeg
hm.cdn.md/img/haber/J/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/J/JoseMourinho_TottenhamHotspur_2020-21_k.jpeg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
99e55b7c506804ba286a8b3e3ad537d7a92b2938a500a6d74752df22b2a4aa3e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"1050eb756519d71:0"
Last-Modified
Mon, 15 Mar 2021 06:35:59 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17573
Expires
Fri, 04 Jun 2021 06:58:30 GMT
chelsea_08022021k.jpg
hm.cdn.md/img/haber/c/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/c/chelsea_08022021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
1cac081799a0f288c62d4ad60a40e417f74dc3e3a1768d04f7a03de722cca911

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"c03741bcf2fdd61:0"
Last-Modified
Mon, 08 Feb 2021 08:16:43 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5884
Expires
Fri, 04 Jun 2021 06:58:30 GMT
dembaba_basaksehir_aa_08112020_K.jpg
hm.cdn.md/img/haber/d/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/d/dembaba_basaksehir_aa_08112020_K.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
7be05514fe338ed6cfbab82e994319ab6bab03cc038a24e6e6bbf99980e9e5f2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"03e84184eb8d61:0"
Last-Modified
Wed, 11 Nov 2020 17:14:21 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20201
Expires
Fri, 04 Jun 2021 06:58:31 GMT
ansufati_barcelona_valencia_091419_k.jpg
hm.cdn.md/img/haber/a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/a/ansufati_barcelona_valencia_091419_k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
e85ed70f54fcdcdbf8739151b7398df3e8bcb38f4afd38dba0e6ac802dd30995

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"c08b49933f6bd51:0"
Last-Modified
Sat, 14 Sep 2019 21:01:27 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7908
Expires
Fri, 04 Jun 2021 06:58:31 GMT
javi-martinez-bayern-2019-k.jpg
hm.cdn.md/img/haber/j/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/j/javi-martinez-bayern-2019-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
e471e87ed4beab1580036363f9cf3a9877751cacbffa0bab58b83cc6cf944f8b

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"40d139f86d99d61:0"
Last-Modified
Sat, 03 Oct 2020 10:14:24 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5453
Expires
Fri, 04 Jun 2021 06:58:31 GMT
mustafa-yumlu-rizespor-05042021-k.jpg
hm.cdn.md/img/haber/m/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/m/mustafa-yumlu-rizespor-05042021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
113939c820b3432933472ce3a627acd88c9ff77b7ed47b57c8e23a48edd347a0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"d06797b9fd40d71:0"
Last-Modified
Tue, 04 May 2021 15:54:11 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8377
Expires
Fri, 04 Jun 2021 06:58:31 GMT
marcelo-real-madrid-05042021-k.jpg
hm.cdn.md/img/haber/m/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/m/marcelo-real-madrid-05042021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
86efa42fcec119039e2eb953c8030585e3831fcbd38f2b9e3c342e1437feb35c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"90db72d5f040d71:0"
Last-Modified
Tue, 04 May 2021 14:21:54 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5006
Expires
Fri, 04 Jun 2021 06:58:31 GMT
Mackolik_yenilendi_k.jpeg
hm.cdn.md/img/haber/M/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/M/Mackolik_yenilendi_k.jpeg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
f0754ba26b5564598ef1b014fd26e849540f2fe60303f91522f25d2a65b04f0f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"60dcba13ab94d61:0"
Last-Modified
Sun, 27 Sep 2020 08:49:14 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5272
Expires
Fri, 04 Jun 2021 06:58:31 GMT
cylelarin_aa_07012021k.jpg
hm.cdn.md/img/haber/c/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/c/cylelarin_aa_07012021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
8f748c119d9d5751485d0df940353e5e21757a21874166a52e71fdd67a409f97

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"109d7ee3cee4d61:0"
Last-Modified
Thu, 07 Jan 2021 08:27:08 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25645
Expires
Fri, 04 Jun 2021 06:58:31 GMT
denizlispor_depophotos_04052021k.jpg
hm.cdn.md/img/haber/d/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/d/denizlispor_depophotos_04052021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
12ede91a905350378daf0b12a4c34e774f688a67f98c9becc8793277e8c05b24

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"b0b1c1e1db40d71:0"
Last-Modified
Tue, 04 May 2021 11:51:56 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15046
Expires
Fri, 04 Jun 2021 06:58:31 GMT
euro2020logo-2021-k.jpg
hm.cdn.md/img/haber/e/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/e/euro2020logo-2021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
71de2b556685fe99997bb893a59d4a6aaa0c915633f646db2ce030bbda438de1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"9084388102bd71:0"
Last-Modified
Tue, 06 Apr 2021 18:13:23 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6427
Expires
Fri, 04 Jun 2021 06:58:31 GMT
35716
tags.bluekai.com/site/
Redirect Chain
  • http://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
  • https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
62 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
82c4
Content-Type
image/gif

Redirect headers

Location
https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Date
Wed, 05 May 2021 06:58:30 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
newsdetail-arrow.png
im.cdn.md/img5/ 		962 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/newsdetail-arrow.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
b9a09427f1a1422f7302c8eaf58695c42f47466675e86202ebe401a9548adddb

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"b3d8af43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
962
Giannis_Antetokounmpo_14032021k.jpg
hm.cdn.md/img/haber/G/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/G/Giannis_Antetokounmpo_14032021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
affa7d0257fe05717ee0484e34d3747939c9f66cbffd49a6b62c15781d427b11

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"7044ec67a618d71:0"
Last-Modified
Sun, 14 Mar 2021 07:48:21 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7106
Expires
Fri, 04 Jun 2021 06:58:31 GMT
NOR.gif
im.cdn.md/img/flags/ 		367 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/NOR.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
b9373534d408ef10e20b3e0653c9d4b901e94a81237b9cdef1cc06c8a0464756

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"032f7af8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:26:54 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
367
120.gif
im.cdn.md/img/logo/kucuk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/120.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
2ccffddd7ff2e9c0cb1325a12c4786ece0872eac077ee85c4068482270e7f647

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"97539bd5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1139
POL.gif
im.cdn.md/img/flags/ 		232 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/POL.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
6997ed5d149499d545612b3dffb3b16f2ae9b3f10c7193533115e09ae4733012

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"0b7f37ef8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:27:02 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
232
119.gif
im.cdn.md/img/logo/kucuk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/119.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
d1a95693da4f11aa4645d8ed704614f14679cb6d46e3a2b67137d81f036eaba2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"d7ef9bd5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1132
RUS.gif
im.cdn.md/img/flags/ 		259 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/RUS.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
bd5fcf182e343c02c360c3a5080eb4499a4a5e297783b2728306443dd54c4bae

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"0115681f8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:27:06 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259
681.gif
im.cdn.md/img/logo/kucuk/ 		1004 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/681.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
f99658f600eb7f107a3504c806a5a5865d173edfe3de1b5e2c4d9593e234886a

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"e7cf15d5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1004
FRA.gif
im.cdn.md/img/flags/ 		394 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/FRA.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
c123ad847c18a2ec3113d9754a655569ee100e494f0cee10c574008c16ab64a7

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"09b1b219b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:26:06 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
394
195.gif
im.cdn.md/img/logo/kucuk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/195.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
fcea0b2bf6dd0c2433efd74345c2bb5fbfb0b017ba404de6373d14b9596d872c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"67e584d5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1133
AUT.gif
im.cdn.md/img/flags/ 		275 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/AUT.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
d7771dde2892e058642cecd14c076c7d5290028bad01d52bbbff01ddcd17867b

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"090b059b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:25:20 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
275
8248.gif
im.cdn.md/img/logo/kucuk/ 		703 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/8248.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
3955a3073559f4f51c645bcef25f023a7c7cfba87d3bb1fb4a6c5fde2760e865

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"f2c97a26550cd1:0"
Last-Modified
Fri, 22 Jun 2012 10:56:11 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
703
POR.gif
im.cdn.md/img/flags/ 		558 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/POR.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
d5004a9ada961a31405757982290a429a8c264b2a154659e32fab194b53d140c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"0b7f37ef8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:27:02 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
157.gif
im.cdn.md/img/logo/kucuk/ 		571 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/157.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
5ab2cb2850706571717a74499e8430164270ac8305586d45e1d0a3581f43a8b9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"408adc90ba70d21:0"
Last-Modified
Tue, 17 Jan 2017 12:09:34 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
571
ARG.gif
im.cdn.md/img/flags/ 		327 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/ARG.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
97d4d828b296784064da5cb5cd0ff1bfb74d87a79714d117bdf6896b31d94ced

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"0364e39b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:25:16 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327
83.gif
im.cdn.md/img/logo/kucuk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/83.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
58f047e5fdba8b46c00955c2986b253772a95da12ffdaa2eda3742a63d24ce30

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"37bca1d5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1161
NED.gif
im.cdn.md/img/flags/ 		274 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/NED.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
611a7dd3b2291b8d305deaf3398c20aa9f7418f1d7bbfa7d64fa6396682bfdc4

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"07c9b76f8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:26:48 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
274
1159.gif
im.cdn.md/img/logo/kucuk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/1159.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
caa8795fdc2d03becd1b1fadaf4ba16ca8a02a18bc901b67a305ad70ab39c9e3

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"774bbfd4a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1116
ENG.gif
im.cdn.md/img/flags/ 		286 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/flags/ENG.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
d34307c9a22438c45e974f24d07f41f83227ecbf729a1a3b0f36cb0c38f1b30c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"014881d9b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:26:00 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
286
968.gif
im.cdn.md/img/logo/kucuk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/968.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
983cfd08e05acbb6688d3b881f39dc1d875970138ff41c4c9a1374f4cb399014

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"2798e5d4a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1148
981.gif
im.cdn.md/img/logo/kucuk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img/logo/kucuk/981.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
ce94599488ec9e8c575525914a25e9c7d97fabebf8570ce64939fea303cca39f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"4775e3d4a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1111
mc.png
im.cdn.md/img5/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/icons/mc.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
939ec52ac0dd04dc5bcbd3fe8f4027e42a79989d9a7588fecd2c85aaa2987ba2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"9369cbf43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1630
twit-ico.png
im.cdn.md/img5/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/icons/twit-ico.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
f2ff5e9280f6a481345116d335ff6f334378f045afed98c85815e3c3a717dbd3

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"e3f0d5f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1471
get.ashx
run.admost.com/adx/ 		23 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://run.admost.com/adx/get.ashx?k=55003&preredir={amClickThru}
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Var
s:go602;c:1;e:28;hc:23
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
footer-ico.png
im.cdn.md/img5/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/footer-ico.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"1339a5f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
946
admost.js
go.admost.com/adx/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:30 GMT
Last-Modified
Wed, 10 Mar 2021 15:26:32 GMT
Server
haproxy-go
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
3985
Expires
-1
xgemius.js
tr.hit.gemius.pl/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tr.hit.gemius.pl/xgemius.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
79.137.69.120 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm10.host.hit.gemius.pl
Software
GHC /
Resource Hash
3177712e455be4da8e6afb3efe5d1f5dd26346917d63c22becb6d1c953102362

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 11:13:20 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10546
Expires
Wed, 05 May 2021 18:58:31 GMT
beacon.js
b.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
13.224.111.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-48.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 05 May 2021 06:28:56 GMT
Via
1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
1774
ETag
"1827f116c73f319409b97f10b8a58ade"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
MAD50-C1
Accept-Ranges
bytes
Content-Length
1469
X-Amz-Cf-Id
_R8IDQiNHgfBIzXFOYNIfu4w6ZySl5DhJtRCjmJFwWTwWybX3cSptQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197910889&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csah...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197910889&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csa...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197910889&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-129.mad50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
via
1.1 8698da0cfd5dac9801848770e0d61b63.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
ReKt-7iMIJRjDdWIIF4k5oB_nPvjxNBG7GIxvcFl9dCwg00C6sOzNg==

Redirect headers

date
Wed, 05 May 2021 06:58:31 GMT
via
1.1 8698da0cfd5dac9801848770e0d61b63.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197910889&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
content-length
308
x-amz-cf-id
UoVtjB4kEha2XgFTMYc4J-BMpLn3q-tTYe_Oqc_tJdKZN9KV4tyBGA==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2360
date
Wed, 05 May 2021 06:19:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 05 May 2021 08:19:11 GMT
new-mackolik-logo.png
im.cdn.md/img5/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/new-mackolik-logo.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
051bcb4e7ec2e3a0a3e136cc2cc74f650f78a389ac7e4d88a8bc2d27d10859c1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"aaa3bd264881cd1:0"
Last-Modified
Thu, 23 Aug 2012 15:58:35 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4670
home-ico.png
im.cdn.md/img5/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/home-ico.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
47c9ac90d4519600c96b8e3a69bb9f6d6bf39cdf1dff9aae44306e0ceeab02d0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"f3aeaef33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1945
menu-bg.png
im.cdn.md/img5/ 		968 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/menu-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
441f219ed57ed9ba64aedc1344c051924b4427e129a31df2528bd7e53d5cb7b5

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"735a5f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
968
menu-hover.png
im.cdn.md/img5/ 		987 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/menu-hover.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
61ac0055643f185e2957d5a8c5d8e7c1f526101ed2394381207ba1ac49b7f4ed

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"735a5f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
987
menu-right-bg2.png
im.cdn.md/img5/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/menu-right-bg2.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
5ae42226599cbac001f2db8f5a32cb3f389de9893e4f9e1d88de3118fefa412f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"6d3480b3f984cd1:0"
Last-Modified
Tue, 28 Aug 2012 08:47:05 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1105
index-search-k.png
im.cdn.md/img5/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/index-search-k.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
812031ef332b67aa8f3efe65e4dec304864ceb58b8442e08cdbdd82be187ce55

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:30 GMT
ETag
"54f5f1ad2845d01:0"
Last-Modified
Tue, 10 Feb 2015 11:57:01 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1741
bottom-menu-bg.png
im.cdn.md/img5/ 		973 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/bottom-menu-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
a6121e496afc82cd9dac0022c7824ef5af01e40e99e4f1171729d1e486ea20d6

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"33ff91f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
973
get.ashx
run.admost.com/adx/ 		914 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46597&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e339219d347effa315af137b67c0442a018ed4e5f38c2c2748d994644a372ab2

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Pbk
473044-328614-46597
Var
s:go602;cd:60;r:>473044-328614-46597-0;cs:cp:cache_z_46597_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
914
Expires
-1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
d66dc6840a8eadb430f444575c3d5b03b37c823a10b42edaf12228f4b7d8bc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"862 / 469 of 1000 / last-modified: 1620166139"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21155
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:31 GMT
fpdata.js
tr.hit.gemius.pl/_sslredir/
Redirect Chain
  • http://tr.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com
  • https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
281 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.69.120 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm10.host.hit.gemius.pl
Software
GHC /
Resource Hash
326c750b0fa4d6087f7cb6d2338e7f692397b9bd1047a5d835cc69a25515fcbd

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Fri, 04 Jun 2021 06:58:31 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
GHC
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Location
https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
0
Expires
Tue, 04 May 2021 06:58:31 GMT
panel-trans.png
cm.cdn.md/js5/jquery-galleryview-1.1/themes/red/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/themes/red/panel-trans.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
037921b880f09ad6fadb833e28069c2dc8a6f5564587bad9695885b3b62ffae9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
"138642f03e75cd1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
Expires
Fri, 04 Jun 2021 06:58:31 GMT
get.ashx
run.admost.com/adx/ 		23 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=49886&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Var
s:go601;c:1;e:37;hc:3
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1736844548&t=pageview&_s=1&dl=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1236823530&gjid=1031538726&cid=818289258.1620197911&tid=UA-241588-3&_gid=1441018505.1620197911&_r=1&_slc=1&z=1003926880
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-241588-3&cid=818289258.1620197911&jid=1236823530&gjid=1031538726&_gid=1441018505.1620197911&_u=IEBAAEAAAAAAAC~&z=924695687
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 05 May 2021 06:58:31 GMT
content-type
text/plain
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoPlayer.aspx
arsiv.mackolik.com/VideoPlayer/ Frame 634C 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.71 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s3) / ASP.NET
Resource Hash
f20dafc9f52f410cb8d31261d8eb82197df655c212e3c4c679937553f9353526

Request headers

Host
arsiv.mackolik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/Default.aspx
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
am_cookie_test=true; _ga=GA1.2.818289258.1620197911; _gid=GA1.2.1441018505.1620197911; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/Default.aspx

Response headers

Server
CCAcc (1.0.1/izm-nvme-s3)
Date
Wed, 05 May 2021 06:58:29 GMT
Content-Type
text/html; charset=utf-8
Content-Length
4551
Connection
keep-alive
Cache-Control
public, max-age=5843
Content-Encoding
gzip
Expires
Wed, 05 May 2021 07:04:27 GMT
Last-Modified
Wed, 05 May 2021 05:24:27 GMT
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
sloc
629
s
5
X-US
HIT
get.ashx
run.admost.com/adx/ 		23 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=14420&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Var
s:go917;cs:cp:cache_z_14420_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
blue-bg.png
im.cdn.md/img5/ 		939 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/blue-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
f82fa028dce989ca4321ce730ff7ebdf14845f2529464866c95f2b64c68a118d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"38a91f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
939
brown-bg.png
im.cdn.md/img5/ 		940 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/brown-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
a13329727556eb03b67a9ae8a13ced0ba088dc4d11dfa26570e78ff7cbe2bb56

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"637492f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
940
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:31 GMT
sticky-footer.js
cdn.eksiup.com/api/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3250
cf-polished
origSize=9393
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dceb432700004de217256000000001
last-modified
Sat, 05 Dec 2020 00:45:47 GMT
server
cloudflare
etag
W/"5fcad83b-24b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F%2B2rN%2F0fh44HkTJuW79YSHewTeFQlj%2B%2FCV7hsTMl6dxKTlL%2BjviRN3hH1QqLe3pGklp2WJXwYAui7LgP5M%2FukBH3LOd3Lb%2Fi61r6L2U8cOGiol%2F8b9MfQ2QkVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
64a814b1de514de2-FRA
expires
Tue, 04 May 2021 12:03:46 GMT
get.ashx
run.admost.com/adx/ 		871 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46595&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
81f5e8672a0895c95e0d3e3a500778d9f39c854fb3be84ebcc29846876cf30da

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Pbk
473043-328613-46595
Var
s:go593;c:1;e:-9223372036;hc:0;r:>473043-328613-46595-0;cs:cp:cache_z_46595_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
871
Expires
-1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 634C 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 05:27:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
5434
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
93435
X-XSS-Protection
0
Expires
Thu, 05 May 2022 05:27:57 GMT
jquery.jsonp-2.1.4.js
cm.cdn.md/js5/ Frame 634C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/jquery.jsonp-2.1.4.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 12:10:55 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"3375d2e5c57ad11:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:31 GMT
docs.min.css
js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/ Frame 634C 		59 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3183877.ip-51-195-89.eu
Software
MerlinCDN /
Resource Hash
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
64667
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_01
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
de-fra-dp-s01
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge
de-lim-ovc-s01
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
EXPIRED
X-VCT
0.000
beacon.js
sb.scorecardresearch.com/ Frame 634C 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sb.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-129.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 05 May 2021 06:28:56 GMT
Via
1.1 31a031d42a24d17f209d69933362ff3b.cloudfront.net (CloudFront)
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
1775
ETag
"1827f116c73f319409b97f10b8a58ade"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
MAD50-C1
Accept-Ranges
bytes
Content-Length
1469
X-Amz-Cf-Id
gUk6Lo3Zytmu14tNDNlssgNSZerdNVqa9W152V077oY9wqZiQpXs7Q==
gstream.js
str.hit.gemius.pl/ Frame 634C 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gstream.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
79.137.69.91 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm11.host.hit.gemius.pl
Software
GHC /
Resource Hash
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 11:13:20 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
8037
Expires
Wed, 05 May 2021 18:58:31 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 634C 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Length
117044
X-XSS-Protection
0
Expires
Wed, 05 May 2021 06:58:31 GMT
docs.min.js
js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/ Frame 634C 		967 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
51.195.89.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3183877.ip-51-195-89.eu
Software
MerlinCDN /
Resource Hash
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
64667
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_01
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
de-fra-dp-s01
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge
de-lim-ovc-s01
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
X-VCT
0.000
videojs-dock.js
cm.cdn.md/js5/ Frame 634C 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cm.cdn.md/js5/videojs-dock.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) /
Resource Hash
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2016 09:38:40 GMT
Server
CCAcc (1.0.1/frk-s5)
ETag
W/"5f2740967e20d21:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:58:31 GMT
sticky-footer.php
cdn.eksiup.com/api/ 		669 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/sticky-footer.php?siteid=25&slotid=25&width=1600
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

xr-caches
master
date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
xr-cache
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Npf0QZiELdfRupCSgq1IT%2FBFc%2BEXe5VvM%2FpHd0O%2F%2BZnMe4q5AtE4lO7xwa91kKl1M%2Fp1MGfYZ%2F9weyZODUhF23BssDWXqGloshdahG3xSFC61QGt0HV5mqPPA%3D%3D"}]}
content-type
application/json
access-control-allow-origin
*
cf-ray
64a814b209f74e5c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dceb434400004e5c2885b000000001
rexdot.js
tr.hit.gemius.pl/__/_sslredir/_1620197911371/
Redirect Chain
  • http://tr.hit.gemius.pl/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackol...
  • https://tr.hit.gemius.pl/_sslredir/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fa...
  • https://tr.hit.gemius.pl/__/_sslredir/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%...
169 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.hit.gemius.pl/__/_sslredir/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=X_ZxgQIf_mZ_ddNVBpIGQ3gKip3OFrlR46eRP.Tdikr.I7&vis=1
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.69.120 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm10.host.hit.gemius.pl
Software
GHC /
Resource Hash
f5475b65460eee91e73904652540942377c61bd39da4743b2edd58969d36a5a8

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:31 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Tue, 04 May 2021 06:58:31 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:31 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_sslredir/_1620197911371/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=X_ZxgQIf_mZ_ddNVBpIGQ3gKip3OFrlR46eRP.Tdikr.I7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Tue, 04 May 2021 06:58:31 GMT
truncated
/ 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EBC4 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
d66dc6840a8eadb430f444575c3d5b03b37c823a10b42edaf12228f4b7d8bc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"862 / 186 of 1000 / last-modified: 1620166139"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21155
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: run.admost.com
URL: http://run.admost.com/adx/get.ashx?z=46595&accptck=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
d66dc6840a8eadb430f444575c3d5b03b37c823a10b42edaf12228f4b7d8bc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"862 / 632 of 1000 / last-modified: 1620166139"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21155
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:31 GMT
standing-bg.png
im.cdn.md/img5/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/standing-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
c45435989dbfa92ad5a498960feea35a92a8ccfa8032d929c29e6da89114e737

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"a34945f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
966
standing-hover.png
im.cdn.md/img5/ 		974 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/standing-hover.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
146c53518c6967e7e13ea9b117028f06b5af60bc1035e670ff35fede53253a30

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"33a946f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
974
menubar-bg.png
im.cdn.md/img5/ 		957 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/menubar-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
932bdfb828436b081101296ca3c21e1232156bb95ecce0ab39c0f34dc4086dc9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"d3810f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
957
get.ashx
run.admost.com/adx/ 		23 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=16998&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Var
s:go917;c:1;e:34;hc:4
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
integrator.js
adservice.google.dk/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2953133834302545&correlator=818462811732997&output=ldjh&impl=fif&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Ctopbanner_masthead_multisize_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C980x250%7C970x250&cookie_enabled=1&bc=23&abxe=1&lmt=1620197859&dt=1620197911468&dlt=1620197910379&idt=1063&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=134&adks=821623584&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=960x90&msz=960x90&ga_vid=818289258.1620197911&ga_sid=1620197911&ga_hid=1736844548&ga_fc=false&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
dd3d7df053b380f29e44cfe015b1a5044f3403ae606aa6f8594b2142dff091a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4647
x-xss-protection
0
google-lineitem-id
5592962289
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337300740
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1a951e109e69191f710f7cfd579a753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1a951e109e69191f710f7cfd579a753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2953133834302545&correlator=818462811732997&output=ldjh&impl=fif&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Ctopmpu_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1620197859&dt=1620197911475&dlt=1620197910379&idt=1063&frm=20&biw=1600&bih=1200&oid=3&adxs=972&adys=245&adks=3491219890&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=818289258.1620197911&ga_sid=1620197911&ga_hid=1736844548&ga_fc=false&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b58a7dca52843d7ec6220c7c11b9bc910372b7bdabd270c385c837b66b14add4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10713
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 634C 		1 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
http://arsiv.mackolik.com
Referer
http://js.duhnet.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
gemiuslib.js
str.hit.gemius.pl/ Frame 634C 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gemiuslib.js
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gstream.js
Protocol
HTTP/1.1
Server
79.137.69.91 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm11.host.hit.gemius.pl
Software
GHC /
Resource Hash
3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 11:13:20 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10199
Expires
Wed, 05 May 2021 18:58:31 GMT
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ Frame EBC4 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:31 GMT
like.php
www.facebook.com/plugins/ Frame 7C6E
Redirect Chain
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&heig...
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&hei...
31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eea9e4b49d8ea034a8cd413e010d6b4dc813f1348c13bec61192db29f85739d1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
hTdvVLsRszi603U8R1iUcoxKbfZJIVTNeEY7Aapxc210LB/XYomrh+c/BIt8PW8+hng9WIWfgyJFCbyv1lHWTA==
date
Wed, 05 May 2021 06:58:31 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Non-Authoritative-Reason
HSTS
popular-bg.png
im.cdn.md/img5/ 		958 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/popular-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
3ae830068399ffead55c272748252cda43e6103da5e6b0d673ae751c27d52200

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"93472af43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
958
twit-top.png
im.cdn.md/img5/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/twit-top.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
5aff8b1abcb6212d44a19927db2e892166a403245e076a5f6b64e6d9dac3bbd2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
ETag
"437f92f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1263
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6712)
Age
615
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
get.ashx
run.admost.com/adx/ 		278 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=14421&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
04a6b8d171809bcc49550f473576d2f079093a306cb81e95fcb7f6d1a0ea3de8

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Pbk
431706-287984-14421
Var
s:go917;cd:5;r:>431706-287984-14421-0;cs:cp:cache_z_14421_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
278
Expires
-1
analytics.js
www.google-analytics.com/ Frame 634C 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2360
date
Wed, 05 May 2021 06:19:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 05 May 2021 08:19:11 GMT
truncated
/ Frame 634C 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Origin
http://arsiv.mackolik.com
Referer
http://js.duhnet.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
1dlryyf7b8ahn1m9lzlff1gc2v_2400000.mp4
daznplayervod.daznservices.com/ePlayer2/20210504/ Frame 634C 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://daznplayervod.daznservices.com/ePlayer2/20210504/1dlryyf7b8ahn1m9lzlff1gc2v_2400000.mp4
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Last-Modified
Tue, 04 May 2021 13:20:40 GMT
Server
AmazonS3
x-amz-request-id
69VSTTHKTH4S1FM9
ETag
"7f78344735986225eaf1f98950c847b4-9"
Content-Type
video/mp4
Content-Range
bytes 0-42099501/42099502
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42099502
x-amz-id-2
Pd+vZmDkHNPGJF/A587Du4X2da0T76Fh66SCJm2NGIEpqjWgUKFKFfPdDvkTd9atryCNkZZ9Rk8=
bridge3.453.0_tr.html
imasdk.googleapis.com/js/core/ Frame 537D 		570 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.453.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de00817d2456b6108f78a2774d70d1ab8658a5ba300ab4023c55dd2817de052a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
imasdk.googleapis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Content-Length
190928
Date
Wed, 05 May 2021 04:12:25 GMT
Expires
Thu, 05 May 2022 04:12:25 GMT
Last-Modified
Wed, 21 Apr 2021 20:50:03 GMT
X-Content-Type-Options
nosniff
Server
sffe
X-XSS-Protection
0
Age
9966
Cache-Control
public, max-age=31536000
client.js
s0.2mdn.net/instream/video/ Frame 634C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:31 GMT
mackolik_emk3rudazsjg14plgfcgb585b.png
images.performgroup.com/di/library/eplayer3_user_guide/5a/e0/ Frame 634C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images.performgroup.com/di/library/eplayer3_user_guide/5a/e0/mackolik_emk3rudazsjg14plgfcgb585b.png?h=28
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
2.18.232.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9f3facbbca03a3c32a03c74da2152f3888997c01e9c523e8801cc7e0d89d516

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:31 GMT
Last-Modified
Mon, 03 May 2021 16:40:44 GMT
Server
Apache
ETag
"96d-5c16f9f6ffb00"
Content-Type
image/png
X-Server-Id
62ff5c2cd20855624be087e9eecfdb9ec2d414af
Cache-Control
max-age=66499
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2413
Expires
Thu, 06 May 2021 01:26:50 GMT
spor_toto_2_300x250.png
admost-banner.b-cdn.net/admost/4/2017/6/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admost-banner.b-cdn.net/admost/4/2017/6/spor_toto_2_300x250.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
cd807ea3a77c9f394aa0f9ee99f8f16d73bc39416d92caa113aa49625718ca5d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
x-downloadsize
43171
cdn-edgestorageid
632, 602
x-bo-processingtime
11
cdn-cachedat
2021-05-05 08:43:49
cdn-pullzone
178422
content-length
10964
x-bo-server
DE-132
last-modified
Thu, 29 Apr 2021 12:34:17 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
x-bo-origindownloadtime
244
content-type
image/webp
cdn-cache
HIT
cdn-uid
79355934-3932-41c0-9817-733cc0c4d7a6
cache-control
public, max-age=2592000
x-bo-compressionratio
74.6%
cdn-requestid
c43e46a5e854f3395fa5741bcf80ebb4
accept-ranges
bytes
cdn-requestcountrycode
DK
cdn-requestpullsuccess
True
get.ashx
run.admost.com/adx/ 		23 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=14472&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Var
s:go601;c:1;e:23;hc:6
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
collect
www.google-analytics.com/j/ Frame 634C 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1445225268&t=event&_s=1&dl=http%3A%2F%2Farsiv.mackolik.com%2FVideoPlayer%2FVideoPlayer.aspx%3Fid%3D10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v%26autoplay%3Dtrue%26showads%3Dtrue%26page%3Dcanlisonuc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=630x355&je=0&ec=Videos&ea=play&el=1dlryyf7b8ahn1m9lzlff1gc2v&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=818289258.1620197911&tid=UA-241588-3&_gid=1441018505.1620197911&_slc=1&z=501058199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.dk/adsid/ Frame EBC4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EBC4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EBC4 		471 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3162757403989719&correlator=2816080925046541&output=ldjh&impl=fif&eid=31060789%2C31060841%2C31060839%2C44740386&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Csticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C375x100%7C728x90%7C300x50%7C320x50%7C970x90&cookie_enabled=1&cdm=arsiv.mackolik.com&bc=23&abxe=1&lmt=1620197911&dt=1620197911724&dlt=1620197911386&idt=331&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=1317&adks=2617765872&ucis=gocu5dgvrkay&ifi=1&ifk=984508663&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=http%3A%2F%2Farsiv.mackolik.com%2F&top=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1x100&msz=1x100&ga_vid=818289258.1620197911&ga_sid=1620197912&ga_hid=1772848256&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
72ed32e45bc0b57f35d56a870a7adb3456bca2a9734683a524206eb60bc8b37a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a5007bfe6c4fdb9e8afd529eafa94ee4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EBC4 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a5007bfe6c4fdb9e8afd529eafa94ee4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame EBC4 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 7C6E 		400 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
KASiXt3PX7nPgje7J4l5ABied9/uc3azD/KFHbLLtzeppCOVn3YN7PyrlmZqapdF3YYLaDijfr1eyYxu4akihg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Tue, 27 Apr 2021 15:55:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
400
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Wed, 27 Apr 2022 15:55:46 GMT
UGr3q6A6xRs.js
www.facebook.com/rsrc.php/v3iR5z4/y6/l/tr_TR/ Frame 7C6E 		503 KB
132 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iR5z4/y6/l/tr_TR/UGr3q6A6xRs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
304b66f36efdb01196fedac11298d1ea5e60f9da831768c9d2b3813e2671482e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MUX/Nt4jgqxHQdzMjrbEpQ==
cross-origin-resource-policy
cross-origin
content-length
134961
x-fb-rlafr
0
x-fb-debug
nByWiRGbC4pApAukOJPpXF4LzlF8JDe01Wciw6yKdEO8EjOQnfQqM/Ar8t4eSGH4KZtQYPITcNBOVaaLAG7L+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 May 2022 06:18:46 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4D9F 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:14:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2646
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 05 May 2021 07:14:25 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 7C6E 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1620197911730&t_start=1620197911730&t_domcontent=1620197911739&t_layout=1620197911765&t_onload=1620197911765&t_paint=1620197911765&t_creport=1620197911765&t_tti=1620197911739&lid=6958697041652770803-0
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
IV+/gQ/C9C5G62FG3BsdxnH9bdj934xoztVzdIjtjIpSllWKjqYDafxXP2Rv4SYllNSl4slQPCV0P0IKpKH2/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 05 May 2021 06:58:31 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
get.ashx
run.admost.com/adx/ 		23 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=26435&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Var
s:go917;c:1;e:28;hc:3
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ Frame EBC4 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b66f827c8c5c0d83875a613a8a368400d21737bf51518cd620da2ffbed3fa9fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7648
x-xss-protection
0
get.ashx
run.admost.com/adx/ 		23 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=31811&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:31 GMT
Server
haproxy-go
Var
s:go593;c:1;e:32;hc:27
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EBC4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DB35 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 05 May 2021 06:57:54 GMT
expires
Thu, 05 May 2022 06:57:54 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
37
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
pagead2.googlesyndication.com/bg/ Frame DB35 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 21:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 12:48:00 GMT
server
sffe
age
32365
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
expires
Wed, 04 May 2022 21:59:06 GMT
get.ashx
run.admost.com/adx/ 		23 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=36373&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:32 GMT
Server
haproxy-go
Var
s:go593;c:1;e:18;hc:7
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022103020108001/ Frame FD89 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57481
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55149
x-xss-protection
0
server
sffe
date
Tue, 04 May 2021 15:00:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"28692e13adbc87cf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 May 2022 15:00:31 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame FD89 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
339899
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sat, 01 May 2021 08:33:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 08:33:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame FD89 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
339900
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sat, 01 May 2021 08:33:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 08:33:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame FD89 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85521
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Tue, 04 May 2021 07:13:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 May 2022 07:13:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame FD89 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
65478
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 04 May 2021 12:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 May 2022 12:47:14 GMT
truncated
/ Frame FD89 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86fdcf3cffbd5630628c700977c61ff89743b3481ab7e5ac970f6aaeb4928e41

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
5850082136402609871
tpc.googlesyndication.com/simgad/ Frame FD89 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5850082136402609871?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmc1tfvrUPmt8s-zr9n_fZBxZDWoQ
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d0b543297c8291823e3ef2cebdfe9314dbf3dd9c07a3eea22f874ba6059619b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 21:22:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 07:20:36 GMT
server
sffe
age
34592
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45211
x-xss-protection
0
expires
Wed, 04 May 2022 21:22:00 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD89 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 03:56:29 GMT
x-content-type-options
nosniff
server
cafe
age
10923
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Thu, 06 May 2021 03:56:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD89 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 May 2021 21:00:17 GMT
x-content-type-options
nosniff
server
cafe
age
35895
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 05 May 2021 21:00:17 GMT
l
www.google.com/ads/measurement/ Frame FD89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaSaVaUXDvwSFAnItUVFPbeXb45eBJRaGjkzlAes_WJbtPS5YN5ZTuOMckI2z6qL8jq9aCaw
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame FD89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWPQ1F0KSYLHDILPU7_UPr7KBqAOUt-7PYvzZ28agDam4-JmrIRABILqX7R5g0YG5gtAHoAGHg7_3A8gBAuACAKgDAcgDCKoE7wFP0CuIheq6Yc0Gm0ofaCcjTnpBMMll93s-vZYikbDsrwGnG5trUZoo3e4p3RjbbeWXRismhw6RXO9vabFPpArivuAOPKYf48Wxrsr59ZP6aTG6S11tvlTU4hCU4KN8eQKSSHsgRnVUZJ0vV6O5187bxB41jOoRMQj4V1Z8GHktAreyMQpUznT3qHp3FhFg--_TEJ5KLZtceQikJdHJ7pzC6bTbTfucGmWGK9_GKg8O-NN3cP05Cus8SIe9v7i5FLxfbNrRE3HRq7IrbJk_K3tVCp9ArNHSB3y1KAcLcLbjmVflyFz3wNlJfQBZbgWKMMAEp7-t0bMD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB5Sl-i6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ4rgC0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDyAsB2BMMshcaChgIABIUcHViLTU2MTA2NDkxNDY2NzQzMDY&sigh=IKRrp_A4FFo
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
get.ashx
run.admost.com/adx/ 		23 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46599&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:32 GMT
Server
haproxy-go
Var
s:go917;c:1;e:18;hc:2
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
si
googleads.g.doubleclick.net/pagead/drt/ Frame FD89
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5460 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoM4raqKloMW-H2d3KnOyL8UuvGH0v0kKbFInlfXplx-2nQnUWP3LI702_2DfP7_O3Zz1TzoPUCpd1SwaspxfhemTGgn1ShjLX-_GLFn7XTxiYSmnPRBuc_EJ_Mq3VaEi7fIRKz2wsx-_5jepom0JUe2ThFyaBDi3nlD01M0Ck5zhNLPNrcGLMHb4y0wqaYzmJwGCyZPwMtvia6CNMrK15rvfBv5zah77Y-Ig1aJl643CcpLjHl1T4w-Ga8ngRtkNEq9IuRflZEIJGAX6ydbmOGsvq1DeayqvgyZdrJOyt2cAlwl9kkalGPGDBSGCKgSHulJJqb04VkU9xqRoQgkPPcj4REVQgne__80ZVKJS6SY78CvaWOEofIpVwQ1giVnw&sai=AMfl-YT3fhtR4rQEC92jz0zEYUNFUFkmOSXTTrN6KJL16jh_iwVgWAsqc6tfjpAqQtccNWoa1Rv_PL0nuxr9ibSWoribSQedw3QzMCs2dHpOxUFUZhALX5sjZuihUXjtiffL&sig=Cg0ArKJSzL6m0CyB0jlREAE&urlfix=1&adurl=
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t.js
randiul.com/ Frame 5460 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
30059fe736b52ba03a1baa615cd8767728003a2d1ed1711f6b3e21bb4b2b0806

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:32 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
X-Amz-Cf-Id
S_30cfBp1eoYPXHf9MS3qnp7e1gTWioR_jEakuN935jYZ6NeqRGZRQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5460 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:32 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056503243602"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:32 GMT
get.ashx
run.admost.com/adx/ 		23 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=51257&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:32 GMT
Server
haproxy-go
Var
s:go601;cs:cp:cache_z_51257_neq_TR_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
truncated
/ Frame 5460 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9c38108e1d41c38a1405cce69bece237c395cea9cf21457e45e2ac498cf3cad

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBC4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3162757403989719&bg=!ODulO3_NAAYXzPaOF8w7ACkAdvg8WiB9HRDxDVmcEbzuhGisLKIhX461e5D5-DCxyKGj1qSEkIRUrgIAAADBUgAAABxoAQcKAKItLQjW1B37Zd7sMr4t_ErnxRIu10N7HR71s4ozMoaToA03p45v8R6R2nB4qB_gPDg9aF4hmBmA99ZhPd2K3XPnQwBXTajEMjhcAASKz5Vq9fa_5iCRZv7g10rsw3k-P12OjDKosx_Ixm3kXdWpuJmrIlY8cmI3TEtYrnN1qNPjvk7FETlFLKD-jvLbv3yZQnazOVHKLCGuhPkj1qrmY5LKuwmZAlmqLluE7Jf3NQARwVmCVJ49C9jlRQn549ZCVZe7p5pF5XFDFKtDIyBr65rSpVwpaeSl9QYueHbRCYmLqsm3TuJJXIcOFnvBgoFK3BuvSZAXjzBO0cP4C8MYe4KURiDwu_OdOeGN8koP4tOwJOcJloBUfzhFCd7SJLLcMsAVqw51wAtU39Ghpz-4BApD_18S8W5iVUXAspgMnLs5S0wmG9ov0IEb0TKMEJ5vSTrpp0i8bwNWhT3fcGe_TQSSnX09A7BPGtbJ7KTNwthRxS5dxy5pKhkknf7hj-TcDGEnog-7FDgw8NKmv1VAgK-YNBQw7b0p1xZgFwHApsfs9QY_dVYPdLRkBAL6Uvk5fseqxo2a01VNTJKkqly0CqkIzI_kVTQfaQ3Wl4D_je_OIKBZgQkCoFBRGLtEvS81_Tf1qRFZI2dly3eMFaofyjZDkZw6IrRL57-1g_7pLF01jTkirQuFXRBGpRlboMMw_iCqwmkRrVaAlUkMKT9PKJq5g6cA8JKeb3AeE_Y1urS7jJxU1b21V6K0DI_cH5yxAPmmx98k50dHWUJG8-D2-s_hU53gMbDbm_4rDEiHgPAtgKrjCe9h_QcRhUbgyzFIyuxW47FgKMaK64m44ciN-4ED0pAKPREPvTCPi9T5fw0aN3wDULW25hKv8mQkVYyMNmbpUop15nPGm78OZYuFNkV94twLQuysqZFtus0dj9Fa7m6rWKmf9RkCfVN_IAnroT1jIib7a4bNIl4Sn5Hq2tfj30By8vG-cmzEz1lD5n2dhHfPtD-Hgs2y1aE09Kf2
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.ashx
run.admost.com/adx/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46601&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
d8f3158538563e9d17b8f1e736a6bba0edc169188048863bdbb6eb71a01f02ad

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:32 GMT
Server
haproxy-go
Pbk
473045-328615-46601
Var
s:go917;c:1;e:56;hc:1;r:>473045-328615-46601-0;cs:cp:cache_z_46601_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
1751
Expires
-1
Cookie set user
randiul.com/ Frame 583D 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=8ef9bd6b8e048d32d0b2ff4a99f285d44&cb=9723681620197912330
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5de32e0c88c0eac8aadc5019f9623bb048138e0aac11dcf58b2031fd7551efd7

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=cf2a65e3ba927092e9304bd81432fd2b73ade6f2; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
9c7r-4Ip0L37sL0kHMK1gTgGsD1kWxkuqgnWTy4Iv_WbipZEqQT97w==
Cookie set syncro
randiul.com/ Frame 0D1E 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=338836b239eb58ab68f020dc96c7a2693&cb=0212951620197912332
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=1a76394bf265802768daa716cd0c858ee713b220; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
vuo3IV7bVxBPlnFoHbAUby-dCBTZHSxXCg7lq7V3grTMjAfvM2TJfw==
Cookie set usync
randiul.com/ Frame 410E 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usync?i=zq0eqoihjfrx9ad8e0hw3&a=5e6f139c1ae4cbad3ebc43032e98ea8b9&cb=8016981620197912334
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=97e22de14c3c747a73d1c9dad77dad99a6cbd5e5; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
5_f0oCNPdGLQuBoUyahnPkQVYgzJPiVFvlVpeg9lbNu2Zzi4RKZjkg==
Cookie set stats
randiul.com/ Frame EDCB 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/stats?i=zq0eqoihjfrx9ad8e0hw3&a=18cf07a61619546a36c7e896f40ac6257&cb=5701391620197912335
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=0cfe88b5e022b9a8bba7ce4a684baf2cb348b27c; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
0RqxCnvfx-m5KcTk5Ln5iWYhQJxt2W052ZjlY6vUwsbJZcR5COrtzQ==
Cookie set usync
randiul.com/ Frame 8738 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usync?i=zq0eqoihjfrx9ad8e0hw3&a=3f499d6a7bf8f602abf6be5feb7273b25&cb=7373141620197912336
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=79da59f5b53d49ff92ccb579327028bec604a896; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
1xuaFTSLqOFzQNllIC5D8uCXUQ2ij-GGpoyRqejKDK4Wl7BA29mLlg==
Cookie set user
randiul.com/ Frame 269D 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=f2c4e28747c8df2380f8160d234201fd1&cb=0160311620197912337
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=8590d71a2099c51efd6eb0ec830ec534a39660fc; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
m8SiNjc0QKgDckNscov6Bn5z8wO7dYRQzCekbxWydP0gjvromUNz_A==
Cookie set user
randiul.com/ Frame D8EA 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=d632e1ca224d67be481c7981c0a176605&cb=5521191620197912338
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=a51282caae8e4e230eef9fe8ad28a4978c68f0d3; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
m29EiwMrDRI6phY_NFmg5ss9la5oohFrRw8JOtT1f-6x3RW1nZuz6w==
Cookie set sync
randiul.com/ Frame 84A5 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/sync?i=zq0eqoihjfrx9ad8e0hw3&a=01112305d45c5056cbc035f5fc57d3bf5&cb=7352291620197912339
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=f9c6a9fbfedb299b28ae5941e4e13f7993f0aa76; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
f3M29G9WQC8TtQf8ALoqprzWyuHasdgxwMUj8oaBA2yvD34ocj-eFA==
Cookie set syncro
randiul.com/ Frame 82D9 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=e783a21ce56e0f1acea725538d6aee661&cb=0655181620197912340
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=6ffd9373dc13730975636cc317170ed8a0289a33; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
vYutUPOQhJiwBHw0Lf0hb01V3DujYkC8iNxN8kUiUdOTQ9WNuLisZQ==
Cookie set user
randiul.com/ Frame 4A97 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=3dc8884a491de59d16b77a88945d48e49&cb=1381441620197912341
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=387032952f286db930b116623f6b91006e88c034; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
gMH4JNfrrOCoqm_QvKkk02cax67nMKBHH3YrVQAGVaqoDu5pnt0TYw==
Cookie set user
randiul.com/ Frame 883A 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=7053a6ae81a2e63879a3b9be890e65827&cb=0218251620197912342
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=70c210cef73a3de12d7afc98b2819e9f5c3d4c7d; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
WR-ol24sCb9IlJd6vVRvQuE096rahfiRUVbuvFG4pKSgeUEO2dq6Sg==
Cookie set count
randiul.com/ Frame BCE4 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/count?i=zq0eqoihjfrx9ad8e0hw3&a=cecce1f1c5bb204b95519946123c157b3&cb=0252191620197912342
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=1cab360850af5602c5494687bad78af88d9982ba; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
rnqS4_FIIx1lzmcUodDvUCOf6VOM9Ma94YyNbCXGQR2vXYanHKSrGw==
Cookie set user
randiul.com/ Frame 0A33 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=31cd47ff3d08c30def2fca0fb13e6dab1&cb=7307121620197912343
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=b7c9ed2b661ae76a991d6b7e1b671c495aa8f169; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
YxWIM0BMRzdFtYtu7LFh9IAqPIgiYXKt_NtfvXaW7JrBfuvalBNcqw==
Cookie set async_usersync
randiul.com/ Frame D10B 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=ecb56141ce8fdaa023ddf833e29988cb7&cb=9768171620197912344
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=7e7b2f77b31665b3834e47c7323edd978fce2dec; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
yEIqKwQkw_HRTHD3gRdNe30LGCue-4WG90IRpZgjHd9rk7wjg9RxnQ==
Cookie set counter
randiul.com/ Frame 0845 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=ff96599e11d24f608b64deb3cc47ac9c1&cb=2915131620197912345
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=c976d2a778bcd410baf5921f26c692ac68d1af2f; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
yI-822XEZW6o8hmg_ERR106KaSwTBPxt1bAonfN728DRfxuyCGLsuw==
Cookie set usersync
randiul.com/ Frame 61BA 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usersync?i=zq0eqoihjfrx9ad8e0hw3&a=46e0bed5c89fd1e248e629a10d5ad0f95&cb=4837381620197912346
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=86ada1fcfbb6ed6758821e4771d298d9b9960c25; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
DtzgW_B39a_h6Mb6S5-J0l_50_nawl2dSqrTpwyilR8NEVU7wVAb3Q==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: run.admost.com
URL: http://run.admost.com/adx/get.ashx?z=46601&accptck=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
d66dc6840a8eadb430f444575c3d5b03b37c823a10b42edaf12228f4b7d8bc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"862 / 208 of 1000 / last-modified: 1620166139"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21155
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:32 GMT
integrator.js
adservice.google.dk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2953133834302545&correlator=818462811732997&output=ldjh&impl=fif&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Cleft_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&cookie=ID%3Ddd16ec243c38cb19-225459f307c8000d%3AT%3D1620197911%3AS%3DALNI_MYUyIIG6IOXw58_LHJV2KUcyXbmMw&bc=23&abxe=1&lmt=1620197859&dt=1620197912403&dlt=1620197910379&idt=1063&frm=20&biw=1600&bih=1200&oid=3&adxs=150&adys=0&adks=267919333&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x1819&msz=120x-1&psts=AGkb-H_4_9rx1EgeDceUgTzqBJH9JV8QLmOeLUbSgq6L9lA6LovUu-LfsAjqfIhEHEVrz0WEdz4eEzOlFGx25KQEPGE&ga_vid=818289258.1620197911&ga_sid=1620197911&ga_hid=1736844548&ga_fc=false&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
19b1fd9fd3e3ceee3544fd8171ae9ba68c76f81d400e32c5e4bee821ce10d4c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4286
x-xss-protection
0
google-lineitem-id
5592962289
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337228196
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		467 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2953133834302545&correlator=818462811732997&output=ldjh&impl=fif&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Cright_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&cookie=ID%3Ddd16ec243c38cb19-225459f307c8000d%3AT%3D1620197911%3AS%3DALNI_MYUyIIG6IOXw58_LHJV2KUcyXbmMw&bc=23&abxe=1&lmt=1620197859&dt=1620197912404&dlt=1620197910379&idt=1063&frm=20&biw=1600&bih=1200&oid=3&adxs=1290&adys=0&adks=1264633616&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x1819&msz=120x-1&psts=AGkb-H_4_9rx1EgeDceUgTzqBJH9JV8QLmOeLUbSgq6L9lA6LovUu-LfsAjqfIhEHEVrz0WEdz4eEzOlFGx25KQEPGE&ga_vid=818289258.1620197911&ga_sid=1620197911&ga_hid=1736844548&ga_fc=false&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
535db9e927c69a50d41d640b27ac3519de1f846b730889f94ac81a0a2ba83179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
footer.png
im.cdn.md/img5/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/footer.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
574f4a4a3338f3d2972c605bdccef07a223aa0bee14fdec68a8f7a4a41254273

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:32 GMT
ETag
"d3da7f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47965
dimml.js
cdn.dimml.io/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/dimml.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-NZT
AcO1rzJ3gpTvdAgBAA==
Date
Wed, 05 May 2021 06:58:32 GMT
Content-Encoding
gzip
ETag
W/"89b16e35ecc3"
Server
CDN77-Turbo
X-77-NZT-Ray
GNqq9PZuu7g=
Transfer-Encoding
chunked
X-77-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
X-Cache
HIT
Connection
keep-alive
X-Age
67700
X-77-POP
frankfurtDE
Expires
Wed, 5 May 2021 12:10:12 GMT
hotjar-314584.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-314584.js?sv=6
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-23.mad50.r.cloudfront.net
Software
/
Resource Hash
2daa16355e9f256003ba9f61924f2d18c8d4ad2d8a5718ecddc9f46ce8c4a8a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
13
etag
W/a2ee9ee4ca422fb3e8e88cfd15b96a5d
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
MAD50-C1
content-length
1520
via
1.1 803bb8de3c7a92b10030fcaaf02a53d3.cloudfront.net (CloudFront)
x-amz-cf-id
3cX1Yg2uvJMdcOCsM_80DXfpWQOchKRk7_ebkXRxW8LDkXhQhQkBdA==
get.ashx
run.admost.com/adx/ 		23 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=52231&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.3295138192532858
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:32 GMT
Server
haproxy-go
Var
s:go593;c:1;e:44;hc:11
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
prebid_v4_21.js
hb.adpone.com/ Frame 583D
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=8ef9bd6b8e048d32d0b2ff4a99f285d44&cb=9723681620197912330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cufzHRh7HjGL3GLBRNWU5sRMmVSW8r4qV9lmEmphVNI2iK7M%2FcAnKZVenlSxDPGrBllZF2lE9qukiTbp95MD5LHQ3U9osqz1aWphIK9cZCg1VoEoWT%2BHkq%2Bi"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb47a700002c32591a2000000001
cf-ray
64a814b90f622c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YP6aZE%2F2ljovxG006DDW3sbRYuRha%2F0FPmAtPiZIkJnpLXp5TBjVxztYD5ynwr6y0aqpX3CSPgrvXa5MtEN8EkvX%2F56DfHQmHWomQTyrKMSgtjdmTPoJQwRz"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b8bcb8c277-FRA
cf-request-id
09dceb47710000c277a3800000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame EDCB
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=zq0eqoihjfrx9ad8e0hw3&a=18cf07a61619546a36c7e896f40ac6257&cb=5701391620197912335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jTNaOiTWtt1iI3%2FBDnFcU%2F%2BzIAcdLaVuQIi2Dnm1ne0gvOcJ3Vl1A25t9F9fsDWz0TBX8uIjwi01XZKM8Sj6aohfiL1p0YubilwPleKumd3vxR4blVK69i8i"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb47a700002c32729e1000000001
cf-ray
64a814b90f602c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zYdD67NIxA2UvoMyTi0MQhpWkxP1Kk7uv6oDy7VSRmZx2qqDUPP63EyL0BMNkQOCnBcPrewXy7oh%2F33ULZr%2Fk6Fi2A%2FYq3MARq%2FNW%2FasL%2BvS7fgARzNPzio%2F"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b8ce23d711-FRA
cf-request-id
09dceb47790000d711220e6000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
eb580be1a62d586912203fcb6fddc20712ea77b0.js
cdn.dimml.io/static/ 		611 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/eb580be1a62d586912203fcb6fddc20712ea77b0.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e3a18f24b2e9053869d6fb6745303dd7289043df0a84c92c1c71aee1e27f57d5

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Wed, 05 May 2021 06:58:32 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
iRH5hK3o4ag=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1rzKuIPnvMQAAAA==
Server
CDN77-Turbo
ETag
W/"ed29949a5ef8"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=60
X-Age
49
Expires
Wed, 5 May 2021 06:58:43 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 410E
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=zq0eqoihjfrx9ad8e0hw3&a=5e6f139c1ae4cbad3ebc43032e98ea8b9&cb=8016981620197912334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zbCBsRYI2yUiItCGzemWEAoG6KGT9So8RXSaw0nufhU3IcAfSeGuZf8Vwu0%2F7hVxZb60w%2FHCHuJqGj57tHv5w5XSTigwA5NkaCBjy%2Bwk0RU8WB%2Fh3hpga3Ie"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb47a800002c3234305000000001
cf-ray
64a814b90f632c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FbciyR2yEEt4KG6Lk%2Ftan1tBdT2anbNd%2F%2BDjqILhAUfpkB26ofb0czvAKlRtSYKibO1%2B9L4BwWChv6xvFGFAwmjtUk4U1OOFD0fLXqLp0hEsxzRWrnLh9YhS"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b8d8db979c-FRA
cf-request-id
09dceb47820000979cf39d9000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 0D1E
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=338836b239eb58ab68f020dc96c7a2693&cb=0212951620197912332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bmZpIkFOR0NIP5b%2FNwRjeK3XCaRy0ScrquOVKhXlGMpTUvf5cX%2FB5Ko9mPI%2B1eUIMTEIv4g1lXUrH%2BD43oWJ2%2FIqTMs5Tla0KTY3zu7Z%2B%2F40WAloLhmyOOnM"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb47a800002c3265bc2000000001
cf-ray
64a814b90f662c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uSE4DCEI05VKz%2FanxGBnlEF9ye2Q6i9OqrkAMoJAkrn9qwMbqeTSj%2FwX9OkoJG8BsQPeGOHIri%2BxfY8JqHAbpXRarz8snjeqhE7msNsbTtiaOBtcTu9b639E"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b8de48d711-FRA
cf-request-id
09dceb47860000d7112a8f2000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 8738
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=zq0eqoihjfrx9ad8e0hw3&a=3f499d6a7bf8f602abf6be5feb7273b25&cb=7373141620197912336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bz9ZSdKqGtm51bHtfdcGq0y6gIv7Ji2jnKNRenGLtJztDEb49bzgOM5PlEqm3kPYqOC%2F4mxAz5g9aHFUbpSxTVOiJbRbc8U3T%2F0%2FsBbxBD2E5r0ADXwoxLbm"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb47a800002c320c107000000001
cf-ray
64a814b90f672c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Bq%2BnJWUqw0vbTTGkXWcdPiXOAcw%2BvdJM3ZQOhKlb1HPbMUTskzxlC0jp9K9aMrkW1Si0cBv89VC90yrYKH%2F%2B7AHf%2FBkY%2FU5NOM5rJwYMLHAWoL7DSuC4JLP"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b8dceac277-FRA
cf-request-id
09dceb47880000c277819a7000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
pxl.jpg
randiul.com/ Frame 5460 		597 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://randiul.com/pxl.jpg?i=zq0eqoihjfrx9ad8e0hw3&s=528&p=http%3A%2F%2Farsiv.mackolik.com%2Fdefault.aspx&rstk=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&h=3144701620197912461
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:32 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
Content-Type
image/jpeg; charset=UTF-8
Connection
keep-alive
Content-Length
597
X-Amz-Cf-Id
rcJ_hrLofUbF-hDyTPeYXmO-fQzCTFSGUWSLpIlsqPDTn1TuHEKSyA==
4d984be9c3958ae34c902ccc8164863b1d4b6019.js
cdn.dimml.io/static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/4d984be9c3958ae34c902ccc8164863b1d4b6019.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
709edf07ebabeb5d4a2e3a0e7ac5fc920b86e8c8bfc27d5440f7b760b292953e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Wed, 05 May 2021 06:58:32 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
i0vUMyJbpMo=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1rzIV67bv6AQAAA==
Server
CDN77-Turbo
ETag
W/"d33a15f8e33f"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=1800
X-Age
1256
Expires
Wed, 5 May 2021 07:07:36 GMT
prebid_v4_21.js
hb.adpone.com/ Frame D8EA
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=d632e1ca224d67be481c7981c0a176605&cb=5521191620197912338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DJAbeAxUkLZtVJI3O56%2BBpTnZqkzVYIQKKWN1AVjzoiwiIBHjBe6VbKWA%2FK8hQOdFc7dRFwl0B8%2BZ9y9yG4%2FJZABUyvNh5CyEhTJb0YDwlt7mMSWURAf%2BCj4"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb47ca00002c320e074000000001
cf-ray
64a814b94fc82c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5zqlFyJYn1Iw9teFjdlRAogBSeLwhoibdaNTlgnXTRvErkyVZzBr%2Fiz%2F2WL0jwbrTqyA7lOZ%2FbgAz%2BMU%2BKRXk48DeoobllJviZ93OtSLa9R9dpiFr7%2FD3D4g"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b90d31c277-FRA
cf-request-id
09dceb47a40000c27782a5c000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 269D
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=f2c4e28747c8df2380f8160d234201fd1&cb=0160311620197912337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ucAuHrWVWBwOimo9ubcWHSfVHM5igdLMQTIWxunf%2BMlEl4pbLXOTrTlv8SvbbjJgUfonqqNXdXvC16ZqxkTJSJLXFlfMGCcG5CfTaFcEGk6m3KUffeTN7oPt"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb47cf00002c32729e4000000001
cf-ray
64a814b94fce2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oREZbAzbe7B1QuLcEyU6vmIsCRav5X8Rkep66zHOJDWZOPcrPoc4lf7XC0anlhmugCV%2BwvpIbaT%2BeeP18uim9UPAkaSLoePGtaYdzMi%2FiQ4jlZi7Na5IfBOB"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b90e8dd711-FRA
cf-request-id
09dceb47a50000d7110884b000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
rup.js
cdn.eksiup.com/api/native/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/native/rup.js?column=1&_=1620197912506
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e819dba55e363c3ff35efb9ae33c236175dc6f5ae7ee1bd7625a90fa69c620f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dceb47bd00004de2a8893000000001
last-modified
Fri, 25 Dec 2020 07:20:54 GMT
server
cloudflare
etag
W/"5fe592d6-213f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F%2BNNEiZpLveSav0dsF5Mep3uIV1VuSBN%2BpeDuf58h37UswF8TTqkqhTSQXM2mcf7azKhbUXktZTHR77g9EHmgCcgG%2FTfaJ0VYPk4PutF%2Fd6AqeNxMTBVt7AScA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
64a814b92df24de2-FRA
expires
Wed, 12 May 2021 06:58:32 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 80F4 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
556476
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 May 2021 06:58:32 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
slider-left.png
im.cdn.md/img5/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/slider-left.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
ddc21f2e288de35020ce7562ae82a1f3f1716996ccd3c52747b4fda5f2136631

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:32 GMT
ETag
"4b99b03619b1cd1:0"
Last-Modified
Tue, 23 Oct 2012 12:23:31 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1071
slider-right.png
im.cdn.md/img5/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://im.cdn.md/img5/slider-right.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
116.202.218.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s5.cubecdn.net
Software
CCAcc (1.0.1/frk-s5) / ASP.NET
Resource Hash
f9cc986ad446124bd63a173147db95b5736f89ce93d212db264049dad917211d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:32 GMT
ETag
"6be7b03619b1cd1:0"
Last-Modified
Tue, 23 Oct 2012 12:23:31 GMT
Server
CCAcc (1.0.1/frk-s5)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1070
4d984be9c3958ae34c902ccc8164863b1d4b6019.js
baltar.dimml.io/flow/pkdn/ 		0
282 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baltar.dimml.io/flow/pkdn/4d984be9c3958ae34c902ccc8164863b1d4b6019.js?clientId=2&dom=arsiv.mackolik.com&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&gemius_sent_once=1
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
54.229.148.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-148-178.eu-west-1.compute.amazonaws.com
Software
dimml-2.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 5 May 2021 06:58:31 GMT
X-DimML-Version
2.2 vH8ffFv9
Server
dimml-2.2
Vary
*
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
0
prebid_v4_21.js
hb.adpone.com/ Frame 84A5
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=zq0eqoihjfrx9ad8e0hw3&a=01112305d45c5056cbc035f5fc57d3bf5&cb=7352291620197912339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ziygyZcg0wIf36yxbJdgLxiUXSNZ5EVYoHwv5WHbAIilvwe0vJIuZF%2FebvaLyNyGJV6%2Fw%2F8qu%2B4z8oiiiOiZQdgwxd8kEs8rKt9g0EAyfNP5O%2FlhB85h0Z6W"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb482200002c3244a6a000000001
cf-ray
64a814b9c8c62c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m2%2B9Sp%2BwjCHtkOMBQY2jv6MuYqvNo8hRvyxIxlSB3E0nUmlR0eb%2BhBDVeekngkmOfXDc5r0%2FfGmP9Pqx93nCnrHzDVcpZ95UUj718q%2BjgiXVvlS1YXrW2LFH"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b96f23d711-FRA
cf-request-id
09dceb47e10000d7111fac3000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 82D9
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=e783a21ce56e0f1acea725538d6aee661&cb=0655181620197912340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BE3%2BAiy6u6IOgdq%2BfIq8jm6ak1CIHO1uqrhVM1Vo6BiN398RsyFbcK6y4gHILv6I8TWNZd5R7yct10dSICgYpsLfrpcQZ0yktYhZcD7CPaI%2B9AUYAsdUmtdl"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb482200002c32fbb9e000000001
cf-ray
64a814b9d8c82c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=26ZiPM8QJn00FHhNmD0qTamoPLcaei%2BKa%2FuzAaDc1IEgWmc7rY8EEc6nNftQG3RSirS10zjdEg%2Bvv2jmiA8nOu6O%2Be9Pzthwlw5QZZshSWy4A1elr5%2B9PsoC"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b96ddcc277-FRA
cf-request-id
09dceb47e20000c277d908f000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 883A
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=7053a6ae81a2e63879a3b9be890e65827&cb=0218251620197912342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U0ClxvbNrXL9CewiDqOf4412ZkYU4HgweiBwU%2Fy7Lkjb0SH486dmKu1ajzKoVNFLB7Yt2ZgndiE3pLniNEKFhCd8TdX2D12f0W2iuITZGiI2LCnBKK9A90z%2F"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb482600002c321d227000000001
cf-ray
64a814b9d8d82c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ts2BHzSCBE1AJ6nE4PEGVQ%2FReUZVB75Ay7nw813mct2ZDTwekVw97Pkiv77EPeh9AH4JnrxOtCeyHIw%2BqMfJ1iz7Ml8fhszK2jQRQiXbOW1cZGTl3Unyf48Q"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b97907979c-FRA
cf-request-id
09dceb47e90000979cdc947000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 0A33
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=31cd47ff3d08c30def2fca0fb13e6dab1&cb=7307121620197912343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vT3BaAWa5EGgRepq%2BFF7zJkBoqPHnviEIuHvxGiTEcybUcyc0KZRbSfl0K1S3XDqjWcwLKFl4F4byMeSag1z1nZfT%2F1gH390O8E%2FxZ14hoeYp%2B%2F70D8DhOU%2F"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb483100002c322c11b000000001
cf-ray
64a814b9e8f42c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5lH8AX%2BfZPxMRlQVqk7ep340v5WEQkjsi8Z5qmvicX%2BdohIJaT7Vw3fSmORVKp%2B7DcsRBZSj7J2xVY5VCl0s5CMYV0vafSp%2BZO3OrMctlZ5gTE46uEmY2uI8"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b9b921979c-FRA
cf-request-id
09dceb48140000979ceeb20000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 4A97
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=3dc8884a491de59d16b77a88945d48e49&cb=1381441620197912341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NpRMfvXQGozg7ra1H1CcJvbLCLZu3vN5OBrN23rAmVnWvZyrOj1o3lW%2Brc%2BWW9UbGUObkgJxUedGrMEv42P4I%2Bis%2BVzZetyQ24TZvXMb9w2bsG3Ui4duingI"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb484d00002c32510cb000000001
cf-ray
64a814ba194f2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k2lGaqhNLFg2BFTmRdDSIgDYaxgAEpVio%2FXp%2F1VGNghZXV6glncKmdQ1jMiHncAFXLR1LONvN4BToixtkvTYkn1NHRSSHiLX%2Fq3oOSf3qG7Hf9uZyJYe3OD1"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b9ce51c277-FRA
cf-request-id
09dceb48180000c2778db8b000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame BCE4
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/count?i=zq0eqoihjfrx9ad8e0hw3&a=cecce1f1c5bb204b95519946123c157b3&cb=0252191620197912342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l%2FjQLFYnSed4fvbHX16OhDnlft6DeWUoo%2BS8wNMrnolLhUTy4I%2FDexIq4%2FRDJzji28Ona7nGpocTRvXeOt2M%2FOJmadzh%2B4F08fw%2BnoxLRc3HeJFc5q4u2tga"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb485800002c32fc1a3000000001
cf-ray
64a814ba29622c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Fn5A8kqTgXupsPn61qaRY1gyJ%2B6sjb2fuVEbVw8qj8WW8HCV2wqoSf3Nz2uIibZ3E4rZVrdZnwzJru7gg2uThF4GQRCl6gI9a8TUyqsZRRK3%2F3h%2FxRDgvsO"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814b9cfa7d711-FRA
cf-request-id
09dceb481d0000d7118c8ba000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2A54 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLq-rXAhlQwKhMnpSKu-Zk1_hEb87PJtcuZXepVkWgHtjm6hP_F5YbvCoTwOquRj99R86pVt-_ODrL8QP3TFFHhKLHw6iQHjIlxIv2PGp5dlJa3L64uxrB0MExX_og_GiSt7Ok80-K_QdHug-eN13sfd3FwCDDyT900RQofqsS5Z6iEHd8wmDeM2iJVN5erund4xG6mmdup11o0KOd4XyRlT68qe6TRW4qJAZEl_Ud3ymxIR4XXuW-swz8syKO34vDvz--ZqCpe468dkGDjAY8AfIkyCV4FFxYVPbquXTrnVNMLQZdKrN6G6ldQXvpbhDJRtdd-hhuQbfnmfMvwzTaOoEf8JAfATticTJa98exnvXvznkU1efZ&sig=Cg0ArKJSzLOBS5alQkO7EAE&urlfix=1&adurl=
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t.js
randiul.com/ Frame 2A54 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0fbb0f3cc4acc6cc02783efa87f41a41c106ff4a16ca15a26a9282ffaf55958c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:32 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
X-Amz-Cf-Id
3dXYrI7zbjVK2Tv2TG2aOddLjFJIXy_0ZPg2WjZ06yF0BIjUeqggHQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A54 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:32 GMT
/
adx.adform.net/adx/ Frame 583D 		5 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTk1NzIyMCZ0cmFuc2FjdGlvbklkPTI1YzhmYjU3LWIxM2YtNDgxNS05ZjgyLTQzZTczNGExZDM1ZA%3D%3D&pt=gross&stid=1bbfee15-cae6-49b7-9b74-f79c796a27b2&fd=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
bid
ap.lijit.com/rtb/ Frame 583D 		94 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
a36d2783b76f102e1a222a4e74a7a85435f3d5567663893c72c1c5eb13d80ef5

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 May 2021 06:58:32 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v2
i.connectad.io/api/ Frame 583D 		0
0
cdb
bidder.criteo.com/ Frame 583D 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=87613096673
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
date
Wed, 05 May 2021 06:58:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 583D 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6b332c513c3c2b26ba403cc70c0f497cfe340849107814ead09f37f97d0bfa94
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:32 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.232:80
AN-X-Request-Uuid
ad6e2687-f397-4ea2-8235-554775ee9e7c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 583D 		172 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Farsiv.mackolik.com&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=25c8fb57-b13f-4815-9f82-43e734a1d35d&nocache=1620197912640&schain=1.0%2C1!adpone.com%2C39a22c8928f9976dbf1f%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1620197912420&auid=543870366
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
e4e15130fc7346fd63867b471eea31d6f963ef06c40b7b92aef42ff18aa863b5

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://randiul.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 583D 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1950012&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,39a22c8928f9976dbf1f,1,,,&rf=mackolik.com&tk_flint=pbjs_lite_v4.21.0&x_source.tid=25c8fb57-b13f-4815-9f82-43e734a1d35d&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7862302352056636
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
034fbd1d732f876e804bc88fcdf198fbc35eb1d20dddfe549f4b697deda9a49f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 583D 		566 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
40dec174aaab79ae411c5fb19047fe06148ea88833bf6bf85e2e4e5d43071095

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b17%3b79
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
http://randiul.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
adjson
ads.betweendigital.com/ Frame 583D
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=8732287839657384&tz=-120&fl=0&rr=false&s=4022876&bidid=18c87a54cd58548&transactionid=25c8fb57-b13f-4815-9f82-43e734a1d35d&auctionid=1bb...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=8732287839657384&tz=-120&fl=0&rr=false&s=4022876&bidid=18c87a54cd58548&transactionid=25c8fb57-b13f-4815-9f82-43e734a1d35d&auctionid=1bb...
2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=8732287839657384&tz=-120&fl=0&rr=false&s=4022876&bidid=18c87a54cd58548&transactionid=25c8fb57-b13f-4815-9f82-43e734a1d35d&auctionid=1bbfee15-cae6-49b7-9b74-f79c796a27b2&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com&crf=1
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=8732287839657384&tz=-120&fl=0&rr=false&s=4022876&bidid=18c87a54cd58548&transactionid=25c8fb57-b13f-4815-9f82-43e734a1d35d&auctionid=1bbfee15-cae6-49b7-9b74-f79c796a27b2&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://randiul.com
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5460 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHVKmaH468C5nn-n3RVDrYzY1RLmgU94--LWTpITJ0FAlvseU2dFCWfgId3FcWAZLOx6w0NLvQAfY3fI9Z6HVNhzPiFg4ofET3bGPbbtUhzieomYbmIv6w7Pc0jaaj06OtmBTvvSQxUn1WzH786uVlq4zlz9NqYEAX_ojMqmlxbYqwrgAPos3vrspLEF8hPTALjB_5HhgirqILAvJTorIRd9UWUmGLJx3pn3xqK6An2XAUQuu-eaO3nzeVtjFq920xu0tHOWsfTDpSpqUv5WxUIqgsHad5LjLyyfLXNp9wRdWWOWpuNH_sDUg7hF_vDOnoBHcbPUOJep2RWHw8jiQeJYhioKgLEXeDYCS0kNiIVtAzhK4&sai=AMfl-YTxQcoXlJc_rmAOZ93Xh6YgFkMWI1qYn8N9Ls2BhaFF5-JVfkKi4-NijkBy8IBP0s_OaPIyy9SiI4PoGXcjhTyDH82enXDXtJwGKtvZLh7_Ul-grTCmut9HEUdLEHNi&sig=Cg0ArKJSzA-jWBlFaHtZEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 May 2021 06:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame D10B
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=ecb56141ce8fdaa023ddf833e29988cb7&cb=9768171620197912344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xy9gRTkhQzBtRMBFPf0zP%2FVU%2FSHalkHj2C3gtxNjeHM8eIT6KaYA4e4bywqgDfsfxHQAz59qzeO3kiO%2FZJbG9Dy5Srnc9NIqWrakKwAr%2FtVKjPb%2FYjnq8j4b"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb48c500002c3227b36000000001
cf-ray
64a814bada842c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U2cdFflnNiEL3hjdNGUJXbiT4qa%2BRDU%2BBKo%2FYRoFWIPlELxhqArr0sVr3laCJJ82GLULBHUC2PhuX%2FfZi1P2zVSnewKsw3O%2B%2FeVo3UCSnB6IqFekHBi4%2BCeY"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814ba789cd711-FRA
cf-request-id
09dceb488f0000d7112f9bc000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 0845
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=ff96599e11d24f608b64deb3cc47ac9c1&cb=2915131620197912345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A2hkeDjZUsgPyv3xG4%2BEtBjH%2FjY9Lbph6zztO4taCG7o%2FY9ELRYzNNAl%2FUjuAk%2F4OpoLTEL4i8D%2BSS6A44TWJbeRcwRcxkng7B%2Fxrz5pcEUiNueCbeZlO2ii"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb48c800002c324c28d000000001
cf-ray
64a814bada872c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FheAByKUmnIQk7iWeagZEVBOuNg%2FlQynZs8HzZr8m9ozO3od5gfsW6S1VjIt%2BoUDyLAIhGgzuZmZ0HnMTnKl24jPZAdRmRRAGUXwg%2Fox1hRXjTC1dZtC32io"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814ba8f83c277-FRA
cf-request-id
09dceb48930000c2779b361000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 61BA
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usersync?i=zq0eqoihjfrx9ad8e0hw3&a=46e0bed5c89fd1e248e629a10d5ad0f95&cb=4837381620197912346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4060
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=opGU%2Biw0tJRusG5YQ3oY3qLxF4vbRLJHeQJGDq41R4TmOENFzAbE%2FZ8Y5IjLALKI%2F5EXT%2BrEzmuUuc8%2F%2BDCSEJan%2FoRDleWIPaaF28OruxlAUMm1%2FzMWu3ZH"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb48c900002c32fe156000000001
cf-ray
64a814bada8d2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:32 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lwCjHXZ6hUt4xCOqcuYOh8IdNr082Gvy9zzqFRmPW8XUcu9oVDn%2FgjER3M7MQj8xc9Qct1A5l9CpQYFc4t75CoS0db1QeORkmdCnhZ4FGxRelyHcd3GoYl1G"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814ba894c979c-FRA
cf-request-id
09dceb48970000979ce6a48000000001
Expires
Wed, 05 May 2021 07:58:32 GMT
truncated
/ Frame 2A54 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ddba1b88761ecbf8a4fea3fb755c052acbcaeb5d5653aadbc01e44f6aa5896d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
modules.7225c79fe4e29708c611.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7225c79fe4e29708c611.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-314584.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-125.mad50.r.cloudfront.net
Software
/
Resource Hash
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
70884
x-cache
Hit from cloudfront
content-length
59087
access-control-allow-origin
*
last-modified
Tue, 04 May 2021 11:17:02 GMT
etag
"5a825663eb0181940c9c8432508f6197"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 803bb8de3c7a92b10030fcaaf02a53d3.cloudfront.net (CloudFront)
cache-control
max-age=30758400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
LJ5PBPmUJBZJnD1icxeildtdKThZOgoUc77K-vGtVd652Qj1pWbWNg==
box-5e3cec51ed8e99df6977c199d27812d7.html
vars.hotjar.com/ Frame 8661 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-314584.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-5e3cec51ed8e99df6977c199d27812d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

content-type
text/html
content-length
684
date
Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"4e332edbbc3b46800c87f197cc7d3bb6"
last-modified
Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
6SZzQOGwpHOgx-IJsto4MlnmWUv6WWY2SIgDA77yXqxRtJm-9QQO0Q==
age
3077280
Cookie set usync
randiul.com/ Frame D8B8 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc8&cb=6384361620197912845
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=edca5e304ed9b1af0557b4b1136ebbe36bb60b6d; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
0PXhu30GCy554XRtAOceTvy95vysVD4nvrY8ebkwHatLbeF35DyzsA==
Cookie set usersync
randiul.com/ Frame F974 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11385&cb=2676651620197912848
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=9e71000dd58b8896dd940513cd35e0eab64f015d; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
MD8VMyVMGImgrVVxxBbf6ME2kaAt5u1JDQ5INR1MUxXXzdwSG-Puwg==
Cookie set sync
randiul.com/ Frame E781 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b1&cb=9599711620197912850
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=8a73ceccc4e688b8065b61a8990952b3ce2c070a; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
JyYeZ6-K37cR28-bbE-mWuzvrxZika6E2ni8m10G-NalRGW9jdyNCQ==
Cookie set usync
randiul.com/ Frame 3F3E 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11201&cb=7791831620197912851
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=9b45c13312a95cd58341c283fdb9fb2f45b5270d; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
yojrW3EREa0QVHY5cN4UhQJdDjQrZteImBIF9xekigNJ9TNXBADvNg==
Cookie set syncro
randiul.com/ Frame 81E3 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/syncro?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144631&cb=6726021620197912852
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=f49dfe20a095c3affce04285a409532709cc7aff; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
gADznwT5S03kolGd2FtcoMKoN4-aRIgZgQ782i4OBHut1LN17Azhnw==
Cookie set user
randiul.com/ Frame 2F29 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d19&cb=9949931620197912853
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=2f75aae49de5cecc0ed5894b4b0126d1b8870ce9; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
iPq82HgXVp41vwZzPf_-V6P68kbT7Nt2Q_o-iVH8Sxzlpdl7t4Mi1w==
Cookie set stat
randiul.com/ Frame DEC1 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b41&cb=1235801620197912853
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=544a0cf3a19eff80ce24479e8e22085a87193d83; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
DcYxuDXhsA1QmhZBWX-us9tJdtNBuLe82ss6K6eGxMRQU37n_bVBfw==
Cookie set user
randiul.com/ Frame 57BA 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d7&cb=8445611620197912854
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=0bbbcdfb9b40fe1bda6f56dd64b6ac3539a9530e; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
PqoWhwxaOj4orMvd_vViUcvbchkM6w-pem8WEkg0kIdE237TlR-VXA==
Cookie set usersync
randiul.com/ Frame 551D 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d7&cb=7231011620197912855
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=7646a1cbbf61d2a353826f27e5d1c0e78f8101bd; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
hg9gBmCTgyUVJzP26WHXoaoBqfVwFQOu5icasocPC3LNERgVxP42Eg==
Cookie set sync
randiul.com/ Frame 9404 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c61&cb=7295371620197912856
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=e98e6b219a19a27c0636ea22495538906f1383e8; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
w2qH6fbPCJCM1XviDGZFXjVYo9nxBE5_T2FFNU4C59bS97FlVg1KUQ==
Cookie set send
randiul.com/ Frame A225 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d87&cb=8867091620197912857
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=5b0855f3746d7f51ae4c4a68416ffec658fb45ce; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
TzKzC7LyGuwJGAkDFYuG7449yI4l-0QBaxU1JgQ56lAL9z3aZMeBcw==
Cookie set usync
randiul.com/ Frame 3997 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf5&cb=4240821620197912858
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
91efa6a1a0c5ad24ef521207ac840df4f5ff7ce6a21aa884dcc066780f919a3d

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:32 GMT
Set-Cookie
SSID=f4548e03ebc1e1533942a1c5223a82a8e833aa4b; Path=/; Expires=Fri, 07 May 2021 06:58:32 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
xGX4PgCu-kuKtlmynUdwulPbXyP8H6DyRQsSkrqRg78zs6sAtBq9rA==
Cookie set usync
randiul.com/ Frame EF23 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f9&cb=9721691620197912858
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:33 GMT
Set-Cookie
SSID=723a769427781b029e34295ea0df2408e68dd027; Path=/; Expires=Fri, 07 May 2021 06:58:33 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
eh7gW3k3XwU-DTn2p7eGv9qEmHMenuWwV7s42hh4XFGCQnY99x1xFA==
Cookie set async_usersync
randiul.com/ Frame 4E9C 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f49&cb=8885201620197912859
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:33 GMT
Set-Cookie
SSID=c19dd5dc8e42a8cb2cd3473ec9409aa940dfa362; Path=/; Expires=Fri, 07 May 2021 06:58:33 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
SpfR5tFwyGrFnCd-jRBwogRhXhxJ59ezpqPus2icVPennrWKqHHoew==
Cookie set stats
randiul.com/ Frame CD49 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab5&cb=9776721620197912860
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:33 GMT
Set-Cookie
SSID=a875b73ea45b7e1d1a1d334344ff3950a4747a3b; Path=/; Expires=Fri, 07 May 2021 06:58:33 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
7gvS51s-zDkTz1H4oMhYRszOPKap3zZ0sDRYNEzwBbfyyskij2LtKQ==
Cookie set sync
randiul.com/ Frame 1F1D 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3511&cb=3009041620197912861
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:58:33 GMT
Set-Cookie
SSID=65ee6de25f2c0bfa96a3f2e3eba010c4ff0ad399; Path=/; Expires=Fri, 07 May 2021 06:58:33 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
YE1OU2f39wD8A9ZGbMaxzDBqFTpRZGAGXPXHGx6xb5fbxFBzCEVpoA==
settings
syndication.twitter.com/ Frame 80F4 		183 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=40c283fcb3b4fc562516bc48ff2aa7971dcb9a2e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:58:33 GMT
server
tsa_devel
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
03406a0b4d8b47ab8034b79e8996e43b3f002451cf1f11992d40fbb41185550a
content-length
152
pxl.jpg
randiul.com/ Frame 2A54 		597 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://randiul.com/pxl.jpg?i=ojb32u3hlwggqu144yrdx&s=528&p=http%3A%2F%2Farsiv.mackolik.com%2Fdefault.aspx&rstk=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&h=9710511620197912973
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:33 GMT
Via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
Content-Type
image/jpeg; charset=UTF-8
Connection
keep-alive
Content-Length
597
X-Amz-Cf-Id
_yg2FZgGuoCmgGcHxEOgUUr3V94OkC8oL2p6TzpoCT91POYTeuPOag==
prebid_v4_21.js
hb.adpone.com/ Frame D8B8
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc8&cb=6384361620197912845
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q8gind9QRffXkRyCD3el25rGaR903YC%2FSpvoynYu71iHZLKXoMfNjKbm2QFXcV7tJShSlLrk1w10VYWeXQYCVUVTKUT7UQl72Ytci3OznG8PB1YLr8oBVASE"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb49ce00002c32591d2000000001
cf-ray
64a814bc7e152c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ePibfOC9cZh%2FRrwnT0CkLlaMFTveWL54OVxiMTftdrjXOmQIqWM2plCJ3Mzq3fs27wTU6aZBtkndxTtSX59ZbyEI2pRH0tixdNjpuChItpTLIR8KrFXZkeIX"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bc49bc979c-FRA
cf-request-id
09dceb49ac0000979c0d10a000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame F974
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11385&cb=2676651620197912848
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3TW2oz0mlUrASFk%2Bi%2FM8GzUc0MUaGEOJs7Rba2h79pzQYiyEwwUu5OBLTVC5HobblUg2a1JtRYiCJG8z7z0cFZ746I2bw7Z0WowTXBxg1lsTIbNLZ957BVML"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb49cd00002c325e277000000001
cf-ray
64a814bc7e172c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ftGYq8IYaWaYAv3SvvxRzdbie%2BcL02tkcdbCaSDXHmoZCai84K1suFg38dE9867Jf877OegJuv5OL0%2BPtzqM1hI6gqg23umyPbMXubgdB23KVbBnZLzRhOj9"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bc59f6c277-FRA
cf-request-id
09dceb49b50000c277c5373000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame E781
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b1&cb=9599711620197912850
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T0xIQI2%2Fl8b%2F0HRbsHN0qw0EARhGKFBs9BQ4CxK1kZprPDeqo1jxTZcsYzzNs3MyXVIvb0YnuLar0ITpBoZLcL9tUPdamsfiw28tJ89Je%2BYVhoRFTHSshZ4S"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb49ce00002c3265be9000000001
cf-ray
64a814bc7e182c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NG64MCfbL7Jnt3Ktt2wOZHOqSenzldgK9uhD2UUtfRdfP56YCZkMXYqD6EgoZZm7uR8LOk30UmfZfztzT7LceWe15YaHYF0UgFVGY3mvDsWjTB8zfD0FXI5J"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bc59c3979c-FRA
cf-request-id
09dceb49b90000979c0daea000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 3F3E
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11201&cb=7791831620197912851
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jc81MeIgrMQ92tE09Aym5ns66U9E0ZGAC0fgbVJBFFPbfh6Sy69wHkaVqyUKD3CWvnnX9sinB12ZhyO%2BHXlOpjGjGlLrFK5Z64KNwH%2F1Ld4u9c1rtSO3eq83"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb49e400002c3272a11000000001
cf-ray
64a814bc9e4c2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UQjfiD8T0H%2F3F4gv6qVLSOu0g7vsUVTFgh1PpYx5pUf49bEl4V2XS6EzzU6p8a6tZxL2oRNcWT5aCDtvEvD918ygMPMB5xKRWmpuToBYLQbf5xZRvCfOsM5e"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bc6b7ed711-FRA
cf-request-id
09dceb49bd0000d71121bf7000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 81E3
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144631&cb=6726021620197912852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H7WwXnifJQomjncE5ieuVjUY3WZLLNA0GC1Qweag5adePQ5wZ9Yy4z7cxnkyqM%2B0w1aEnaUkRndLXBqibwPAOGCOqtsHT3Wa3%2FbFZKppgN8C6o%2BnyaIrS4wV"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb49e200002c3218091000000001
cf-ray
64a814bc9e4f2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XiYN4WLYebVh6SCNI%2BZ7xGcsC%2FaR9R27g1%2BZJy56S0SOlrvobrTY3e0fFempuc3UqclTOZSi%2Fr0FQIPbCvJwcIE4qgUzNKLxcLuhaFtDQ6Vjvystyd2rbEOs"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bc6a06c277-FRA
cf-request-id
09dceb49c10000c277b28b9000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 2F29
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d19&cb=9949931620197912853
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ziB0zUB6jeBUZKBuGDF86uZTRxwUupXGa2JEw1ZVJOeUqRK4E8ziILaNAdwEImH%2BDpCQBZNjeKNtyEY2UtaKG%2FSOu%2F%2By3Y86Jn65T6MO1eDhPBaJmhjnRUX7"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb49e300002c32fbbc3000000001
cf-ray
64a814bc9e532c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4qgqTsz4DBRbPQEfjlRf18N2%2Fui8n2m6ibsGM2roPTIuxObzDOEujzPy3AIEOdvuCj71OcLSa%2BVaFUxmYFZsdO5pPHLDDfwx1ZhX9Ea6hcHVA1gYjw4qfXh3"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bc69cb979c-FRA
cf-request-id
09dceb49c50000979c1cbb2000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 57BA
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d7&cb=8445611620197912854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W22DxEoFsKKgxoJ8mJ5VTjPjrjqznQMKzwD3TH%2FZs0bweiuv7upeeXgR%2B%2BId4eK2ohKxBMzg1qlnpokcG44iaZ6jznXtAs78hVa4g1RlePTXBT9V3WvMiND%2B"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a1100002c324c2ad000000001
cf-ray
64a814bceef12c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qYtK1dDHIIromU7LJMlrLhrKltfA%2Bp9cMD%2Bl0OmpP9%2BuaZsXtJAJY9y9BdQNPXMNlKWBFJ%2B8uq%2FUsj5XenD7VYUyQ0uhWjic%2B5ji%2FcSDzXHWQw7wZNsHz%2BUb"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bcb9de979c-FRA
cf-request-id
09dceb49f20000979c0f950000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 3997
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf5&cb=4240821620197912858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=spQBRjT0S7MOvD67YebBf5R%2BcTJXg90DB3xOCJfsoNp43QfdLjK1HsMKqfKc5zddsphdcoO9UFiu9ZmFgn9WwIsDgxMEHCrGdl74Wj6U2UIQe13rXgtob5u0"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a1500002c3265bef000000001
cf-ray
64a814bceefd2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gXDg8kgx9anqAqYhVgCzeHvfVJMFu7uc0%2B%2F%2FJRfRmpx049Nbvzrb66QaEgvBV2EGwQCTeS15Bo5dR7MvBoJbIMOS%2BzwNfFUaO%2FwHs4yn9YHfuKlybbAxI1kp"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bcba62c277-FRA
cf-request-id
09dceb49f60000c277cf04f000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 9404
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c61&cb=7295371620197912856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ew1kulc1PDgPJeUBYDXAXtpDkEVmiWFBRAvJV0aeiNBOKts%2BLy1E3e%2BrhKm8GDPNMYsDx%2BZZBtR3DK9BiX%2FvuDMzIBcpHgHk%2FkM2sNDoVbsnp6SIr%2B4NE3dA"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a1100002c32542ba000000001
cf-ray
64a814bceef52c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3e40YhXVx12b%2BF2OzljePI%2Fda3i31vVp8IO%2FNGJ9fBHn8js90EJYMqrKZ%2BS6xlkiBFqBrFiZ%2B%2BzimJbJ7GCmZEcJne9UaIR%2Fw2QFv3L%2FK7M9dJkIcVTX7YjF"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bcbc09d711-FRA
cf-request-id
09dceb49f40000d7112a918000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame A225
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d87&cb=8867091620197912857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IUg2mdUA4pZ%2FTGDbhFvUWuyvA%2FdtuCzPmEdYBtZM3HVoHA%2F1S9AQalwJYLuOq6rF9jv%2FjmPskIWff1cDgzyBo8P%2BJAVLFbbptlXQbFmfYysCbvEiVdfEJ2G1"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a1500002c322298a000000001
cf-ray
64a814bcef042c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FdLQ2cJB8OeZdP0RxrcC3KuQSitJbAvhcMqzSeaP6mVNtqMZdGwmRv3qGCoYe21Nr%2Bn8XcHlnAuQmbnoD6nu5VdevnV1Td67VDCFaH0cwZ%2FxwkH4dukpfXAd"}],"max_age":604800,"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bcce604a79-FRA
cf-request-id
09dceb49fa00004a7959999000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 551D
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usersync?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d7&cb=7231011620197912855
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DMYYaELVHiiQeB3HR%2BTNJDeVlqMZy3BhT93vE5btn0R%2BtYgpKXAAM5QC%2BY9sNXfbV9epbNs8Gi0bgfLzJ4sMZiizwqGsJT0Q3PsXQk3zKDPzJ0hB8X0oXyZT"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a4200002c32fbbcb000000001
cf-ray
64a814bd3f752c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gDYbaCFmv4cYyXlX1NAwMKjnPBH%2BkVgN9l4MrHIXG07brLp7LhYdcqUrgzu840GV5uLES5xF3NLW1A6bTEH2iMtGI1Rf52AJfIn2mv8fjGBU3uqpOZrLb591"}],"max_age":604800,"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bcee994a79-FRA
cf-request-id
09dceb4a0e00004a79a5032000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame DEC1
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b41&cb=1235801620197912853
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DdZrRdCV7tW2A3AfJBqdEmValNHynhwwL58GNjrK1%2Bwcnfuf9hF9zkKlxpkdXlF0z9BGKDzszNrIihm741L909UrTi5ezTblB1yKuShqQWvid5hyCMAUphQI"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a4d00002c32569e7000000001
cf-ray
64a814bd4f8d2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fyBnz%2Bf6W84mR8tEryx7NWi64toZFtRk2HIFsYt6DmianO3bDLGGTx0gR1qmc0rxEMpsN3Ei5srmlLJJVSL4EnsJuWjJFwkwf3GAPT3bbkJcuibmBnPjWrPa"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bcfaabc277-FRA
cf-request-id
09dceb4a170000c277a3822000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 1F1D
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3511&cb=3009041620197912861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zGVJSHXdC7E%2BzaTtiSaYeYr2es4JVGy4Z%2BYaOpF%2F3xQ4ju886nrVHiBhcEBcwqRfVl86b2e0SVtJBTA8zpxokXoTF85wCP5GTwT0tC9pWPIN3l3D8xf7YCso"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a4d00002c3247b62000000001
cf-ray
64a814bd4f902c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nvlRY3pdTYBJnkRE41X1jdj3Vn8DN7%2BV4mHRmWKkdQVeP392IFiQ5sAa7MpNZsKXsm%2F5eYYXXmWRiol6%2FqFAPFoG2gt7f5TnZ6OKU%2F757yJKhdfDdwXLao47"}],"max_age":604800,"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bcfeba4a79-FRA
cf-request-id
09dceb4a1c00004a797f33e000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame CD49
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab5&cb=9776721620197912860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uZFDSp35btax0rxHpexdbwgfw6omlH4AdFG8G09Fww75ZVufS5jX7D36tt31U9v%2BBSjrOlSpyQEeawzfKHAmoGSDo5mEyx6rNQDrN1f3unW9xYy6D65arAT6"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a4d00002c3206b47000000001
cf-ray
64a814bd4f912c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bQ3xM4rkGg2xBtDacIgJw5KeYME19jUbed83ynb%2FdenlDruKAc%2FgnkVJwveaCNM5YA%2F0cA%2FLmR1EitswB6k4I91nFCCQ8NpSYViq8cQzY0mu1SaTqWt177aX"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bd0c87d711-FRA
cf-request-id
09dceb4a200000d71157000000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame EF23
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f9&cb=9721691620197912858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v3z5sLykZqhIpfCH5oe7pVPUWFlvJOi7hwTSUN7Pe8nLn4cDz%2B1F9dYC%2FZDYm2xkOyir2IgOMG8BaXYgS10G%2BhjHZx9Cg2pLnvxlm5zLwYKAH2aTpmqafzaz"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a7400002c326f2ec000000001
cf-ray
64a814bd88002c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2sCVZia5sGAb86Y%2BWHMuBxNgpRVctIGEKii%2FSuMxfvnZPK1WdC2%2BE3TJmbQDZTR3b%2F8EqJOKoblQlqpItbSfQ84MBg76jRMa6h12zyWzkEDqDIvVDjApNFB0"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bd3ce7d711-FRA
cf-request-id
09dceb4a470000d7118db65000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 4E9C
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f49&cb=8885201620197912859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4061
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sRGn5mRHLLcCkqKaMMEVwjCXn2FfDEXfMbuA7J9ai7Mj3vpjNpzHo7sFg1lmlVeLAnzAGXS3AskUfSDMOl1cNs4r9yVgz0w7FJhIBgqPBjrwGzDf6WnV9n%2Bg"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dceb4a7400002c323eb9f000000001
cf-ray
64a814bd8fff2c32-FRA

Redirect headers

Date
Wed, 05 May 2021 06:58:33 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OsG79SlW6mvA6FIjc5uAwL%2FehA0mmwfXk2rqmPskk3MgblNCKebVuUu0tSQmeg0Q5jBeG9%2FzAxqOKYrk1wS6Vy8fdvVpdRHkQhhAM4wSDKEeyVGy5zuSa9mH"}],"max_age":604800,"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a814bd4f284a79-FRA
cf-request-id
09dceb4a4a00004a79918c6000000001
Expires
Wed, 05 May 2021 07:58:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2A54 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6z8t3PNZtGVZisRKWbhq41SIKen3S10jc2xiWC165kOP-uwfyIFvWLN0Osx-gr2mU1JAa79ma91-N9rJf1zPLC-vjPHukfu-1erH_3Dm7QYIuTxFyKO5sLTLHgqtkPUPESF7d4v9KGBbhslKzTk6-oBPU3CkXBy00f3aMzuY0kAT61isX165A3yCHYd5o2Mqy8hRRP8jYZJ2x5imTJ_hsq-zoNbiUZR0qn4l50mfEzLhhMYBCdqcsvEvLZGacCOrB6vuEf2BgNrAaBoVfJuxJh1_Wv9VQ9PXl7l4J8FlwQ8NOSp3rPP28ejeM3F9F4wMRK3LGoyH7ZYJimkP8b8gQgyITGPYYCzcItaML&sig=Cg0ArKJSzIiMfKG4iLJcEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 May 2021 06:58:33 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3997 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1950012&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,39a22c8928f9976dbf1f,1,,,&rf=mackolik.com&tk_flint=pbjs_lite_v4.21.0&x_source.tid=7a34e48e-0f12-45b6-97b0-5500da708f4d&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.08534069830233104
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0bb1eabd69d92512d90ba3c6eee9a10c717971c2ad51fb7007fe339a1676130e

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 3997 		5 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTk1NzIxOCZ0cmFuc2FjdGlvbklkPTdhMzRlNDhlLTBmMTItNDViNi05N2IwLTU1MDBkYTcwOGY0ZA%3D%3D&pt=gross&stid=ba92c000-5fae-437f-bc13-1e69e5ee6219&fd=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:33 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ Frame 3997 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=72235054607
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
date
Wed, 05 May 2021 06:58:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
adjson
ads.betweendigital.com/ Frame 3997 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=160x600&jst=hb&ord=4450578525939865.5&tz=-120&fl=0&rr=false&s=4022875&bidid=8f886a06db5b2d&transactionid=7a34e48e-0f12-45b6-97b0-5500da708f4d&auctionid=ba92c000-5fae-437f-bc13-1e69e5ee6219&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v2
i.connectad.io/api/ Frame 3997 		0
0
arj
adpone-d.openx.net/w/1.0/ Frame 3997 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Farsiv.mackolik.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=7a34e48e-0f12-45b6-97b0-5500da708f4d&nocache=1620197913260&schain=1.0%2C1!adpone.com%2C39a22c8928f9976dbf1f%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1620197913069&auid=543870365
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
b330185debf5b68b194745f70960707b011604fc0b76ef9be8b68ba9494c5390

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://randiul.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3997 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
69873a509d7778dd4944bd0104f65d4be282c13b7cf76210e6dae06f32c249d1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:33 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.100:80
AN-X-Request-Uuid
5396c646-b1b8-4dd1-859f-daa6b130b2c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 3997 		94 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
05166fb32ea140fdb02d6c7786150ee38c6788871f9aea52fff785a55ae7a133

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 May 2021 06:58:33 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ Frame 3997 		566 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
bf45c708f176130ce7fe17dcfbade7165509155816456df832e31c79110b50d0

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b16%3b88
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
http://randiul.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
button.5573c974dc31bbdab5ea7923a0bd5cf3.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/67C1)
Age
556478
Etag
"382be2960021b88f6ce982d997cdbd01+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
activeview
pagead2.googlesyndication.com/pcs/ Frame FD89 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoGGlnIaJkZIJVMV4NZyjKj1JaGxXo7C3Xc0OzbSuHTLfejexeyQdqdT9tVdbFMTA54xe6kt8bp79dOtCj37eCquF9dmcBDDH_LCt1q6kec7FkGRSPy8TiOq6sEA&sai=AMfl-YQ4seQHe_YHHiydbVqfsTF6OJzpzOhff3ObADdE-atCwL0H3uYEa4KRMaXNB4aKzAMNNEeIf6hQ-TbKn2kDkVkyNYJDvKKwRGx14Ftbz9zpTTah7RNybCZcUsGx7ljb&sig=Cg0ArKJSzCBYUoH5JnczEAE&cid=CAASPeRotOajpJ9Cy96pOXJdUqXTz8HX2OnxSD44foI6mZRzMPQtorO31X8_mQLJKC-0hS9z816-R67mCFnfkNI&id=ampim&o=972,245&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1038&mtos=0,0,1038,1038,1038&tos=0,0,1038,0,0&tfs=178&tls=1216&g=100&h=100&tt=1217&r=v&avms=ampa&adk=3491219890
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dark-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2895725
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
702
cf-request-id
09dceb4b4d000005cc791da000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-c28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4xDZ9ORHN6h8hswIg%2B1GHqWw0IrMXLzgZNjjmSzjYUj%2BcjTpnItBUY%2BFTC%2FabhM6hezG8Zli8KtX05%2Bt%2FCpoBz5zhrhF7GrfdEbCxZKWE0eXXP6iY5gXVr%2BNGw26gGFt2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64a814beec6705cc-FRA
expires
Mon, 25 Apr 2022 06:58:33 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Non-Authoritative-Reason
HSTS
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66c435bb13d0f81876077d0c43fa4a71c16678f77c85c22c316dff503156d969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7721
x-xss-protection
0
follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
platform.twitter.com/widgets/ Frame 3647 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
73e458e1ca6caf7a393f417ee0aec26bfb3b178821b74e12d97644da528b6f2b

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
556477
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 May 2021 06:58:33 GMT
Etag
"d6e546d8fa1ae90bec42d430591f9bb1+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:46 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C1)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13911
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 05 May 2021 06:58:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D3E2 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 05 May 2021 06:57:54 GMT
expires
Thu, 05 May 2022 06:57:54 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
39
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3647 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
pagead2.googlesyndication.com/bg/ Frame D3E2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 21:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 12:48:00 GMT
server
sffe
age
32367
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
expires
Wed, 04 May 2022 21:59:06 GMT
jot
syndication.twitter.com/i/ 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1620197913626%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 05 May 2021 06:58:33 GMT
server
tsa_devel
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
03406a0b4d8b47ab8034b79e8996e43b3f002451cf1f11992d40fbb41185550a
x-transaction
89a41a3ba8f33816
expires
Tue, 31 Mar 1981 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=2953133834302545&bg=!iYqlis7NAAYXzPaOF8w7ACkAdvg8WjpZwJRaEjDTgTnA2utqDvMdKkk6W1DnLqmRgtYx1jz0Do_TnQIAAABrUgAAAApoAQeZAkH-XxZ99EJ2_rMlgslEkryMHqzEYm8kbglTF44qSE4tcOUaEjReNd7UURo1XIDqwH80ezBKu4xR8fCTdAhPfJ9pIxSBb3K9X9b9KzwzD9R1wotIqBZsPaDNH_MWKXYOC245ZDmhi-puNGzsouXHVxydoWU3Fsr6Umr9_AyM2DYzHzyXXTLXugJ8uSJtriumdqW-FJmnTfgFtpCFlxGN4k6Oo6iIWjsIdv-m6Uo0gqRCABuQZEILEYowpLgnMr6Hz5fcF843g8AajgIn40KP8ERryN4d5DiMcPdsySwIB9lUX8l9jekNVlIUAuSGbcWS_7wv_H5T1L0AFIhsZ0LMw1AauL5ycrcddXsUJSruuxHdII34hQsOJPEV2qyNqmmfI5LDrJnQp2km-rZurYX8iS4pO1J-H354wiQU_p15u0kB9AJkyPSqphGHuggIGuOtZy6pHvwO7N6QkA2AaJtXAPKx69t0cdtRg8RfBWVR9PsaeCHrs04q9p_iA25HGTitv5LXGAchYHP86SfVuTpsXbUAAc3L7u8Y0QlmGd6bXyUGomYC4N_JkHlD_LnD8-H39tfxyIcqQXYqrApp7XBzPxn1F_6mUPIwDwHIxYHkeijs7kQFb6LhomT-Kw-BSKqYM_nR1vr53Frfchv932AY-bdouvaYTkoyoRq593XQjfLGyRdLKMI-fadefcWpMmF6s6DDYO0z8unRQqF2zdkVcUahk8ia0XD-DT7rilaqVQy1G_bVQO8BWy00atwuWJ_cIaV3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5460 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunrAjREgDgsYOLQB6zjgz0VnkOFXGx8ca2sfbseIpLNM6ViVYcc-Q0CgSYjxcq80V9jS_l5Ai0oajMohCXOYdKsUQq0MPKEvKVyeoV3wo&sig=Cg0ArKJSzBdHPzZudbBPEAE&id=lidar2&mcvt=1000&p=134,436,224,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=821623584&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620197912202&dlt=0&rpt=170&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A54 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst03BMfRM4N5w4IlcCDTCJHsiCvYUCO8K0v2_RKdiSHnkiXKTf_MtBD2vask-28tvueeUWQnCrFmC-bNeLOwB4naYWXpiamlkf5Ju_jHlM&sig=Cg0ArKJSzIPLnVGfPxjfEAE&id=lidar2&mcvt=1001&p=0,150,600,310&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=267919333&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620197912620&dlt=0&rpt=154&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 583D 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:34 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:58:34 GMT
syncframe
gum.criteo.com/ Frame 5D02 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=arsiv.mackolik.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1527
date
Wed, 05 May 2021 06:58:33 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 583D 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:34 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:58:34 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3997 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:58:35 GMT
syncframe
gum.criteo.com/ Frame 303C 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=arsiv.mackolik.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1623
date
Wed, 05 May 2021 06:58:34 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3997 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:58:35 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame 556C 		658 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2592bf5caad2f216daf52f3cc9c413653814d0a57bac187151126fa52a83e31e

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=635e20d7-a90a-527d-b5dc-7616d54e340e; ut=YJJCGAALQtDNxHWcu6ZN9MtibSQEe06AkqgkFA==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
658
async_usersync.html
acdn.adnxs.com/dmp/ Frame 11F1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4825170135112427554; icu=ChgImOh2EAoYAiACKAIwmYTJhAY4AkACSAIQmYTJhAYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 May 2021 06:58:36 GMT
Age
7226
X-Served-By
cache-lga21934-LGA, cache-hhn4076-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 120334
X-Timer
S1620197916.012705,VS0,VE0
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 3444 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

date
Wed, 05 May 2021 06:58:35 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
__cfduid=d884f2a9f5323f8fd0251ec91b1781a7a1620197915; expires=Fri, 04-Jun-21 06:58:35 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-request-id
09dceb55260000e0071981e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64a814ceaa2fe007-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
usync.html
eus.rubiconproject.com/ Frame 7801 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOB406GZ-11-D31I; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nOKR+svD2oDgupHkbJVEn+QF+png06zAFbpC9zOvGOFXJx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeA2YMc5xIUpD4f1EQXOfYdkw80=; ses2=; vis2=215624^1; ses9=; vis9=215624^1; audit=1|SDziDG3X/Egut3X1DXzIKhSNte0ann5GdG6EB4hXOS4cCiLJmy7fcvg2cbyfMDYbaNgdOVL2Yy8K2yMHxwu6l7KpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame ED19 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1617179570.110025"
Last-Modified
Wed, 31 Mar 2021 08:31:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Wed, 05 May 2021 06:58:35 GMT
Content-Length
445
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 364D 		668 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
83f62bab518d4361760ce012f3a798227d475675247030768af11ae1f0c56d98

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=2380b7a1-875f-0485-2829-d0004aa89db7|1620197912
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2380b7a1-875f-0485-2829-d0004aa89db7|1620197912; Version=1; Expires=Thu, 05-May-2022 06:58:35 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620197915|gekin0vNiygu; Version=1; Expires=Thu, 20-May-2021 06:58:35 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 05 May 2021 06:58:35 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
Cookie set beacon
ap.lijit.com/ Frame 3FEB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
9b96ab2181b5d4d1ef4a6fd4941cae4c36091541f74f14a7ac9f78e8d9af7ff1

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=a6b82fac6adad984288825a4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
nginx
Date
Wed, 05 May 2021 06:58:35 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxdzzEWgDAIA9C7dHYgFAr1aj7vrq0uZPx9kIaroZ0YKprW4UcbYxsm4cta2SsD1RAyrceXLikay3POqBPvS1IGNUr6I6lTGtnJnEcNlPL076wGbEe9oVOe0b7Naqd5L%2FfeD0pATfk%3D;Path=/;Domain=.lijit.com;Expires=Thu, 05-May-2022 06:58:35 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=a6b82fac6adad984288825a4;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 05-May-2022 06:58:35 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap5ams1
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame ED19 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F70B) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 09:46:03 GMT
Server
ECS (ska/F70B)
Age
60452
Etag
"f720a7f2a8432d0f18de76239266413f:1618998433.10658"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame ED19 		75 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71D) /
Resource Hash
8dc1424a555499c829123605526f6f425ebf0329a8f770a0cfcafc37aab81761

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 May 2021 14:09:47 GMT
Server
ECS (ska/F71D)
Age
60455
Etag
"b0749c22f817c852cb91033f40d1e24e:1620137403.669138"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
3491
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame ED19 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F704) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 May 2021 14:09:48 GMT
Server
ECS (ska/F704)
Age
60452
Etag
"5c225f0da4164867a9eba01d527131e3:1620137402.474431"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame ED19 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F705) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 May 2021 14:09:50 GMT
Server
ECS (ska/F705)
Age
60450
Etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1620137402.919061"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
1560
match
ads.betweendigital.com/ Frame 556C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=f243edc9-f9b2-4c35-b657-e19a2ec6b733&ssp=between&expires=30&user_group=5&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame 556C
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usd5EpCf1p0i.AikABlF5O1I-CA
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usd5EpCf1p0i.AikABlF5O1I-CA
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usd5EpCf1p0i.AikABlF5O1I-CA
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 556C
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=635e20d7-a90a-527d-b5dc-7616d54e340e
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABichMmEBlIFvp7KygpiJDYzNWUyMGQ3LWE5MGEtNTI3ZC1iNWRjLTc2MTZkNTRlMzQwZQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARichMmEBlIFvp7KygpiJDYzNWUyMGQ3LWE5MGEtNTI3ZC1iNWRjLTc2MTZkNTRlMzQwZaIBEFFXmeCtbxHrilMMxHptL-8*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABichMmEBmIkNjM1ZTIwZDctYTkwYS01MjdkLWI1ZGMtNzYxNmQ1NGUzNDBlogEQUVeZ4K1vEeuKUwzEem0v7w**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARichMmEBmIkNjM1ZTIwZDctYTkwYS01MjdkLWI1ZGMtNzYxNmQ1NGUzNDBlogEQUVeZ4K1vEeuKUwzEem0v7w**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=515799e0-ad6f-11eb-8a53-0cc47a6d2fef
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=515799e0-ad6f-11eb-8a53-0cc47a6d2fef
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 05 May 2021 06:58:38 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//ads.betweendigital.com/match?bidder_id=18&external_user_id=515799e0-ad6f-11eb-8a53-0cc47a6d2fef
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
match
ads.betweendigital.com/ Frame 556C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=a6b82fac6adad984288825a4
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=a6b82fac6adad984288825a4
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 05 May 2021 06:58:35 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=a6b82fac6adad984288825a4
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 4BBB 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=635e20d7-a90a-527d-b5dc-7616d54e340e&CACHEBUSTER=469458
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.254.23.213 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
801739505e546b0de4cc1be031d92e22aa81668a2720e49648ec45fec81b0a2c

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=635e20d7-a90a-527d-b5dc-7616d54e340e&CACHEBUSTER=469458
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=635e20d7-a90a-527d-b5dc-7616d54e340e; ut=YJJCGAALQtDNxHWcu6ZN9MtibSQEe06AkqgkFA==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Wed, 05 May 2021 06:58:36 GMT
content-type
text/html
last-modified
Fri, 23 Apr 2021 10:45:01 GMT
etag
W/"6082a52d-1080"
content-encoding
gzip
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3FEB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
generic
data.adsrvr.org/track/cmf/ Frame 3FEB 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=a6b82fac6adad984288825a4&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=17cb6092-421b-4800-8105-ce9938a8b699&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=17cb6092-421b-4800-8105-ce9938a8b699&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Wed, 05 May 2021 06:58:29 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=17cb6092-421b-4800-8105-ce9938a8b699&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 May 2021 06:58:28 GMT
tum
ums.acuityplatform.com/ Frame 3FEB 		0
0
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a6b82fac6adad984288825a4&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 5 May 2021 06:58:36 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-16-124.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NEaEhTZEjNQvRozRNBWQ0TJDjYQvEI2FNUJoANZL
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NEaEhTZEjNQvRozRNBWQ0TJDjYQvEI2FNUJoANZL
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=NEaEhTZEjNQvRozRNBWQ0TJDjYQvEI2FNUJoANZL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=c5a0236b-eac9-4ce0-8f64-a7f1458969f5
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=c5a0236b-eac9-4ce0-8f64-a7f1458969f5
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=c5a0236b-eac9-4ce0-8f64-a7f1458969f5
Date
Wed, 05 May 2021 06:58:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3FEB
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
no_match_opted_out
um.simpli.fi/ Frame 3FEB
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1620197915952&gdpr=1&gdpr_consent=
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 05 May 2021 06:58:36 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Wed, 05 May 2021 06:58:36 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 04 May 2021 06:58:36 GMT
getuid
secure.adnxs.com/ Frame 3FEB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:35 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Wed, 05 May 2021 06:58:37 GMT, Wed, 05 May 2021 06:58:37 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
reporting
ap.lijit.com/dsp/google/ Frame 3FEB
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=iBnq2cTXuUvd&ev=1&pid=558511&gdpr_consent=&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=iBnq2cTXuUvd&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=iBnq2cTXuUvd&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-kx42z
expires
-1
svr
match.prod.bidr.io/cookie-sync/ Frame 3FEB 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3FEB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Content-Type
image/gif
iu3
aax-eu.amazon-adsystem.com/s/ Frame 3FEB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3FEB 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame 3FEB
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=875739026507493165
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=875739026507493165
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=875739026507493165
Date
Wed, 05 May 2021 06:58:37 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
0608867b
rtb.gumgum.com/usync/ Frame 0D52 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b163c3f82950b86b14aa43d3ed0e9134a77194fe4d3ca5beaa9b5b8d5a9007df

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf; Domain=.gumgum.com; Expires=Thu, 05-May-2022 06:58:36 GMT; Path=/; Secure; SameSite=None
etag
W/"0d74e7d74d51e18b348ab8064eeb1569d"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 59E0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63050
Expires
Thu, 06 May 2021 00:29:26 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set merge
ce.lijit.com/ Frame B82C
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3970996078544791315&gdpr=1&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3970996078544791315&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=a6b82fac6adad984288825a4; ljtrtbexp=eJxdzzEWgDAIA9C7dHYgFAr1aj7vrq0uZPx9kIaroZ0YKprW4UcbYxsm4cta2SsD1RAyrceXLikay3POqBPvS1IGNUr6I6lTGtnJnEcNlPL076wGbEe9oVOe0b7Naqd5L%2FfeD0pATfk%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Wed, 05 May 2021 06:58:36 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_1=3970996078544791315;Path=/;Domain=.lijit.com;Expires=Thu, 05-May-2022 06:58:36 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdzzEWgDAIA9C7dHYgFAr1aj7vrq0uZPx9kIaroZ0YKprW4UcbYxsm4cta2SsD1RAyrceXLikay3POqBPvS1IGNUr6I6lTGtnJnEcNlPL076wGbEe9oVOe0b7Naqd5L%2FfeD0pATfk%3D;Path=/;Domain=.lijit.com;Expires=Thu, 05-May-2022 06:58:36 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 05-May-2022 06:58:36 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=a6b82fac6adad984288825a4;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=3970996078544791315; Domain=.turn.com; Expires=Mon, 01-Nov-2021 06:58:36 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=3970996078544791315&gdpr=1&gdpr_consent=
content-length
0
date
Wed, 05 May 2021 06:58:35 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D60 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63050
Expires
Thu, 06 May 2021 00:29:26 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 9E28 		776 B
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
a9096d6bba69fbb15ce989b66952071a508d8e5b4e4fc156f00685b0bfa4f3dc

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=2380b7a1-875f-0485-2829-d0004aa89db7|1620197912
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2380b7a1-875f-0485-2829-d0004aa89db7|1620197912; Version=1; Expires=Thu, 05-May-2022 06:58:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620197916|gekin0vNiygu; Version=1; Expires=Thu, 20-May-2021 06:58:36 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 05 May 2021 06:58:36 GMT
content-type
text/html
content-length
475
content-encoding
gzip
via
1.1 google
alt-svc
clear
sd
eu-u.openx.net/w/1.0/ Frame 364D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a24c6092-421b-4400-a0e1-90ca2eda564f
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a24c6092-421b-4400-a0e1-90ca2eda564f
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 05 May 2021 06:58:29 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a24c6092-421b-4400-a0e1-90ca2eda564f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 May 2021 06:58:28 GMT
sd
us-u.openx.net/w/1.0/ Frame 364D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=krNx85CxeaKJs3r1k7Vl8J2xf_OJtizxkbI1cYhh
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=krNx85CxeaKJs3r1k7Vl8J2xf_OJtizxkbI1cYhh
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=krNx85CxeaKJs3r1k7Vl8J2xf_OJtizxkbI1cYhh
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 364D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8627405310273043880
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8627405310273043880
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8627405310273043880
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 364D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f02c88f8-2ed8-3b72-72ff-18e82e8fae4a&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 364D 		170 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGM0MzViMzItZTdhZi02NWQ2LTY3MWYtNDI1MWU0NmQ2MDJh
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 364D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 11F1 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid
e756c065-799a-40a1-b726-04515819e015
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7801 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17755
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Wed, 05 May 2021 11:54:31 GMT
merge
ce.lijit.com/ Frame 9E28 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=9cc25638-c46c-017f-3543-ae4e563e9118&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9E28
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81816092-421b-4800-a4cf-b3d8fcb1ceb3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81816092-421b-4800-a4cf-b3d8fcb1ceb3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 05 May 2021 06:58:29 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81816092-421b-4800-a4cf-b3d8fcb1ceb3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 May 2021 06:58:28 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E28
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UoYO91CEBqZJhgajUtUao1SDB_ZJ0Af3U4L05lvq
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UoYO91CEBqZJhgajUtUao1SDB_ZJ0Af3U4L05lvq
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UoYO91CEBqZJhgajUtUao1SDB_ZJ0Af3U4L05lvq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9E28
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2510563670617975227
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2510563670617975227
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2510563670617975227
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 9E28 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f02c88f8-2ed8-3b72-72ff-18e82e8fae4a&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9E28 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGM0MzViMzItZTdhZi02NWQ2LTY3MWYtNDI1MWU0NmQ2MDJh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVyQdVY-5FPOrwzmZ2MzQo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F24C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=25816
Expires
Wed, 05 May 2021 14:08:52 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B0FB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=25816
Expires
Wed, 05 May 2021 14:08:52 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
match
ads.betweendigital.com/ Frame 4BBB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=fe05b4b525734d04af8082ffa3a96f01&ssp=between&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3&gdpr=&consent=&gdpr_pd=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=354&user_id=fe05b4b525734d04af8082ffa3a96f01&ssp=between&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3&gdpr=&consent=&gdpr_pd=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb&crf=1
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=22&external_user_id=29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F24C 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49744480&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:36 GMT
Content-Length
0
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid
50acf2e7-189e-4515-92bd-957adad8413c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 0D52 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookie-sync
sync.outbrain.com/ Frame 0D52
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Hk_edlfnwm8wx721U4AZVTknnYpHeUgH6-N5SYA2BXGdGOX7ksSqkJ9aWLUCEoDz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&obuid=ENC(Hk_edlfnwm8wx721U4AZVTknnYpHeUgH6-N5SYA2BXGdGOX7ksSqkJ9aWLUCEoDz)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UP51dec174-ad6f-11eb-a994-026588a07cae
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UP51dec174-ad6f-11eb-a994-026588a07cae&verify=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP51dec174-ad6f-11eb-a994-026588a07cae
0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP51dec174-ad6f-11eb-a994-026588a07cae
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:40 GMT
Cache-Control
no-cache
X-TraceId
ee3a9e7596b499c24043f7ba273594a7
Content-Length
0

Redirect headers

Date
Wed, 05 May 2021 06:58:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP51dec174-ad6f-11eb-a994-026588a07cae
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=07112c88-06cd-0324-1584-0805e6dfaf0c
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=07112c88-06cd-0324-1584-0805e6dfaf0c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 05 May 2021 06:58:36 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=07112c88-06cd-0324-1584-0805e6dfaf0c
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
sync.srv.stackadapt.com/ Frame 0D52 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.53.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:37 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-VEUSVVZE2pdu7KqqAZfri9.vCYA_wftYaR8t~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-VEUSVVZE2pdu7KqqAZfri9.vCYA_wftYaR8t~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 05 May 2021 06:58:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-VEUSVVZE2pdu7KqqAZfri9.vCYA_wftYaR8t~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=51ab0755-ad6f-11eb-b7dd-3faee0f336a3
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=51ab0755-ad6f-11eb-b7dd-3faee0f336a3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=51ab0755-ad6f-11eb-b7dd-3faee0f336a3
Date
Wed, 05 May 2021 06:58:38 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
51ab0756-ad6f-11eb-b7dd-3faee0f336a3
services
sync.technoratimedia.com/ Frame 0D52 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:38 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
677276901
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 0D52 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:38 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Wed, 05 May 2021 06:58:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=c39f4aaf-54eb-49ca-97f5-e9ef1a7b8fa9
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=c39f4aaf-54eb-49ca-97f5-e9ef1a7b8fa9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=c39f4aaf-54eb-49ca-97f5-e9ef1a7b8fa9
date
Wed, 05 May 2021 06:58:38 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1359765904
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1359765904
  • https://sync.1rx.io/usersync/tradedesk/55190a47-a515-474d-a0ea-c177092f9d08
  • https://sync.targeting.unrulymedia.com/csync/RX-9d954441-2757-4671-a350-39c57553a1c5-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-9d954441-2757-4671-a350-39c57553a1c5-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-9d954441-2757-4671-a350-39c57553a1c5-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-9d954441-2757-4671-a350-39c57553a1c5-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-9d954441-2757-4671-a350-39c57553a1c5-003
date
Wed, 05 May 2021 06:58:36 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9d95444127574671a35039c57553a1c5003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 0D52
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=ktylFM2yZ5q5&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=ktylFM2yZ5q5&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:37 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=ktylFM2yZ5q5&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-mtfsm
expires
-1
merge
ce.lijit.com/ Frame 0D52 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 0296
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=81816092-421b-4800-a4cf-b3d8fcb1ceb3&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=81816092-421b-4800-a4cf-b3d8fcb1ceb3&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=81816092-421b-4800-a4cf-b3d8fcb1ceb3&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 05 May 2021 06:58:29 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3709 11aaa92 master zrh-pixel-x8
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=81816092-421b-4800-a4cf-b3d8fcb1ceb3&gdpr=1&gdpr_consent=
Expires
Wed, 05 May 2021 06:58:28 GMT
usersync
rtb.gumgum.com/ Frame 9558
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC
  • https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAuMf_OQAC&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAuMf_OQAC&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YJJCIAAAuMf_OQAC&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAuMf_OQAC&gdpr=1&gdpr_consent=&_test=YJJCIAAAuMf_OQAC
accept-ranges
bytes
date
Wed, 05 May 2021 06:58:40 GMT
via
1.1 varnish
x-served-by
cache-hhn4039-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1620197920.125644,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame B668 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYWI1YmViNC04YmY5LTRhZDItODk4Ny1mNzc1ZGZjNjQzYmY=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYWI1YmViNC04YmY5LTRhZDItODk4Ny1mNzc1ZGZjNjQzYmY=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlp5dh34JIYii7ofirOzvFEWPMPY6fVreBHVd5OFM_x8ht6q4fmhNtCn8SIyIA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Wed, 05 May 2021 06:58:36 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1AE2 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63050
Expires
Thu, 06 May 2021 00:29:26 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame AE88 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 668A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Wed, 05 May 2021 06:58:39 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame F16D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2K5EAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2K5EAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YJJCHsCo5s0AANl2K5EAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 05 May 2021 06:58:38 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2K5EAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
78
X-SO-HostName
a-ad40227.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":45,"gdpr":true,"ipv4":"0.0.0.0","key":"YJJCHsCo5s0AANl2K5EAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40227"}
X-SO-Key
YJJCHsCo5s0AANl2K5EAAAAA
X-SO-IP
82.102.20.235
X-SO-Cluster-ID
45
X-SO-Upstream-ID
a-ad40227
usersync
rtb.gumgum.com/ Frame 1D22
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1875819619529322333
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1875819619529322333
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1875819619529322333
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 05 May 2021 06:58:37 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmRgaGluaWhubGkGAAfIcUAQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 30 May 2022 06:58:37 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQztDQ1sjQ2MjI2NhbiM9TNDjX0KM4vcEwMjzAHAG-n-MwlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQztDQ1sjQ2MjI2NhbiM9TNDjX0KM4vcEwMjzCX4jU0MzIwtDS3NDQ3tjQDAB-hwqk0AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 30 May 2022 06:58:37 GMT; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1875819619529322333
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 388A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 05 May 2021 06:58:37 GMT Wed, 05 May 2021 06:58:37 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 7801
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XDylHb5pIazBDHhAtt1v_Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=775628617736400500
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=775628617736400500
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Wed, 05 May 2021 06:58:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=775628617736400500
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 7801
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB406GZ-11-D31I&sigv=1&esig=2~a6b4fa24d7767a76208ab1cf60504607aa1b1d63
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB406GZ-11-D31I&sigv=1&esig=2~a6b4fa24d7767a76208ab1cf60504607aa1b1d63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:40 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB406GZ-11-D31I&sigv=1&esig=2~a6b4fa24d7767a76208ab1cf60504607aa1b1d63
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7801
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=81816092-421b-4800-a4cf-b3d8fcb1ceb3
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=81816092-421b-4800-a4cf-b3d8fcb1ceb3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Wed, 05 May 2021 06:58:29 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=81816092-421b-4800-a4cf-b3d8fcb1ceb3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 May 2021 06:58:28 GMT
tap.php
pixel.rubiconproject.com/ Frame 7801
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKg3YELe8xxVop0pCIph7xM&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKg3YELe8xxVop0pCIph7xM&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKg3YELe8xxVop0pCIph7xM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7801
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI2Zjk4MmQ2MmM4ZDRmMjM4NWI3ZmYxOTM2Y2U5ODNkMjk2MDdiMA
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI2Zjk4MmQ2MmM4ZDRmMjM4NWI3ZmYxOTM2Y2U5ODNkMjk2MDdiMA&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI2Zjk4MmQ2MmM4ZDRmMjM4NWI3ZmYxOTM2Y2U5ODNkMjk2MDdiMA&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI2Zjk4MmQ2MmM4ZDRmMjM4NWI3ZmYxOTM2Y2U5ODNkMjk2MDdiMA&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 7801 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:37 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7801
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CNDA2R1otMTEtRDMxSQ==
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CNDA2R1otMTEtRDMxSQ==&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CNDA2R1otMTEtRDMxSQ==&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CNDA2R1otMTEtRDMxSQ==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 7801 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5C37 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=25816
Expires
Wed, 05 May 2021 14:08:52 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame C61B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
__cfduid=d389f0c553548fea26eb95dd32cafc0581620197916; expires=Fri, 04-Jun-21 06:58:36 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-request-id
09dceb56fe0000dfcb9b802000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64a814d19a9bdfcb-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame 3506 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1617179570.110025"
Last-Modified
Wed, 31 Mar 2021 08:31:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Wed, 05 May 2021 06:58:36 GMT
Content-Length
445
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame E080 		498 B
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
f46a49ff8b39217e671ff9918f524b6c25e179d6505d8972bdd4de06b250bb0b

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=2380b7a1-875f-0485-2829-d0004aa89db7|1620197912; pd=v2|1620197916|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2380b7a1-875f-0485-2829-d0004aa89db7|1620197912; Version=1; Expires=Thu, 05-May-2022 06:58:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620197916|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Thu, 20-May-2021 06:58:36 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 05 May 2021 06:58:36 GMT
content-type
text/html
content-length
316
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 341C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4825170135112427554; icu=ChgImOh2EAoYAiACKAIwmYTJhAY4AkACSAIQmYTJhAYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 May 2021 06:58:36 GMT
Age
7227
X-Served-By
cache-lga21934-LGA, cache-hhn4076-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 120341
X-Timer
S1620197916.431420,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A3A6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOB406GZ-11-D31I; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu/Q5+nOKR+svD2oDgupHkbJVEn+QF+png06zAFbpC9zOvGOFXJx/AX1DKVYI/iiF8/WWQzTX+vLxkA/aUD0yeA2YMc5xIUpD4f1EQXOfYdkw80=; ses2=; vis2=215624^1; ses9=; vis9=215624^1; audit=1|SDziDG3X/Egut3X1DXzIKhSNte0ann5GdG6EB4hXOS4cCiLJmy7fcvg2cbyfMDYbaNgdOVL2Yy8K2yMHxwu6l7KpUjWTmmg0; pux=1512%3D99415%262249%3D99415%262307%3D99415%262974%3D99415%26brx%3D99415%262249-DV360-Hosted%3D99415%26idl%3D99415%26goog%3D99415%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set beacon
ap.lijit.com/ Frame 6DD9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
70c7df659b1df344d3d9013ee1a69b63aec2902fd81e54d7ab623a84a58458fc

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=a6b82fac6adad984288825a4; ljtrtbexp=eJxdzzEWgDAIA9C7dHYgFAr1aj7vrq0uZPx9kIaroZ0YKprW4UcbYxsm4cta2SsD1RAyrceXLikay3POqBPvS1IGNUr6I6lTGtnJnEcNlPL076wGbEe9oVOe0b7Naqd5L%2FfeD0pATfk%3D; _ljtrtb_1=3970996078544791315; _ljtrtb_76=9cc25638-c46c-017f-3543-ae4e563e9118; _ljtrtb_43=NEaEhTZEjNQvRozRNBWQ0TJDjYQvEI2FNUJoANZL; _ljtrtb_3=17cb6092-421b-4800-8105-ce9938a8b699; _ljtrtb_87=c5a0236b-eac9-4ce0-8f64-a7f1458969f5; ljtrtb=eJwVzMGKQjEMheF36XoCSZumiTuHucLIULjiILrrDb2IG3culHn3qdtzPv5XoLAJyQqaCRbNzMUoUQ4fIY2Hii%2BCFoEjLcCKCEqYwbtZ0qaLmA2qZVjPDWOSBXpzA%2FY%2B7CoMrazEWU1sfWf53a1Tm67Hy3Sr8%2BNwfx7q52nG4%2F7rdp4f03fc1d%2F9fVsvP8MXGd7cY5ak4CwOSGWFlDlB69zH3o1Iw98%2FuaczEw%3D%3D; _ljtrtb_16=no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
nginx
Date
Wed, 05 May 2021 06:58:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxdkLsRwDAIQ3dxnQJhMDir5bJ7nE8RVD6QdIijoe0YKprW4VvTB2ESjrG1MSr3Hy51oK4hxBQXb5ykaNz%2BOWdUxZpknSRn0knZiY3Yicmv7I%2FaUb%2Bb1YBHH78O90soz%2BhHNuveSe%2Bl73kBV6JODQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 05-May-2022 06:58:36 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=a6b82fac6adad984288825a4;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJwVzMGKQjEMheF36XoCSZumiTuHucLIULjiILrrDb2IG3culHn3qdtzPv5XoLAJyQqaCRbNzMUoUQ4fIY2Hii%2BCFoEjLcCKCEqYwbtZ0qaLmA2qZVjPDWOSBXpzA%2FY%2B7CoMrazEWU1sfWf53a1Tm67Hy3Sr8%2BNwfx7q52nG4%2F7rdp4f03fc1d%2F9fVsvP8MXGd7cY5ak4CwOSGWFlDlB69zH3o1Iw98%2FuaczEw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 05-May-2022 06:58:36 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap5ams1
sspmatch-iframe
ads.betweendigital.com/ Frame 215B 		0
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=635e20d7-a90a-527d-b5dc-7616d54e340e; ut=YJJCGAALQtDNxHWcu6ZN9MtibSQEe06AkqgkFA==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 3506 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F70B) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 09:46:03 GMT
Server
ECS (ska/F70B)
Age
60453
Etag
"f720a7f2a8432d0f18de76239266413f:1618998433.10658"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 3506 		75 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71D) /
Resource Hash
8dc1424a555499c829123605526f6f425ebf0329a8f770a0cfcafc37aab81761

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 May 2021 14:09:47 GMT
Server
ECS (ska/F71D)
Age
60456
Etag
"b0749c22f817c852cb91033f40d1e24e:1620137403.669138"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
3491
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 3506 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F704) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 May 2021 14:09:48 GMT
Server
ECS (ska/F704)
Age
60453
Etag
"5c225f0da4164867a9eba01d527131e3:1620137402.474431"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 3506 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: http://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=3&iscname=false&cname=
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F705) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
http://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 May 2021 14:09:50 GMT
Server
ECS (ska/F705)
Age
60451
Etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1620137402.919061"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
1560
async_usersync
ib.adnxs.com/ Frame 341C 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.245:80
AN-X-Request-Uuid
3ede795f-0d6c-4790-8b0e-a564302f8bec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A3A6 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17755
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Wed, 05 May 2021 11:54:31 GMT
merge
ce.lijit.com/ Frame 6DD9
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1870471594856902473
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1870471594856902473
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1870471594856902473
Date
Wed, 05 May 2021 06:58:37 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6DD9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
getuid
secure.adnxs.com/ Frame 6DD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
no_match_opted_out
um.simpli.fi/ Frame 6DD9
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1620197916436&gdpr=1&gdpr_consent=
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 05 May 2021 06:58:36 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Wed, 05 May 2021 06:58:36 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 04 May 2021 06:58:36 GMT
tum
ums.acuityplatform.com/ Frame 6DD9 		0
0
merge
ce.lijit.com/ Frame 6DD9
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a6b82fac6adad984288825a4&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 5 May 2021 06:58:36 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:66b32b8c6c9c0c9e4dcea46b9181a413
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-17-147.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6DD9
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6DD9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Content-Type
image/gif
merge
ce.lijit.com/ Frame 6DD9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
x.bidswitch.net/ Frame 6DD9 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame 6DD9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=IDME5KtY0ascAC41kVd5&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Wed, 05 May 2021 06:58:37 GMT, Wed, 05 May 2021 06:58:37 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
svr
match.prod.bidr.io/cookie-sync/ Frame 6DD9 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 6DD9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=nzZMsbFj7ikW&ev=1&pid=558511&gdpr_consent=&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=nzZMsbFj7ikW&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=nzZMsbFj7ikW&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-l6kmw
expires
-1
merge
ce.lijit.com/ Frame 6DD9
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
generic
data.adsrvr.org/track/cmf/ Frame 6DD9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
reporting
ap.lijit.com/dsp/google/ Frame 6DD9
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTZiODJmYWM2YWRhZDk4NDI4ODgyNWE0
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 6DD9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0608867b
rtb.gumgum.com/usync/ Frame 568D 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ce272d8e9eeb3c38d65114afbbbf95a4ca9ca6794c857b6fa93fc55a3183f92

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"05e50146d0cb1e3cb46d5e0d6435e0999"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F3B 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63050
Expires
Thu, 06 May 2021 00:29:26 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E0FC 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63050
Expires
Thu, 06 May 2021 00:29:26 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame E080
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3970996078544791315&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3970996078544791315&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3970996078544791315&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame E080
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=L3oCxIdeglyUi1Rf_ZaU8A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
iimomftcgfan8u2c4dqvo2sq06afvsue

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
64ebeebc-be74-a93b-4328-0e1dd1d86303
pr-bh.ybp.yahoo.com/sync/openx/ Frame E080 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/64ebeebc-be74-a93b-4328-0e1dd1d86303?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E080
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LNLAemri1LEbut5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LNLAemri1LEbut5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:37 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-06d48491beb38f0d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LNLAemri1LEbut5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E080
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1d37afb3-955e-421a-b723-b7f59baf9d74&user_group=1&ssp=openx&bsw_param=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:37 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fb2ebdfb-13b8-4a30-8c44-4dbb3f5a19d3
date
Wed, 05 May 2021 06:58:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame E080
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSzQwN0JKSVFBQUN3QWNTNElvZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame FCE5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=25816
Expires
Wed, 05 May 2021 14:08:52 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 16DB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=25816
Expires
Wed, 05 May 2021 14:08:52 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 568D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:38 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.106:80
AN-X-Request-Uuid
3c5fba9f-ed5c-4984-9ac5-f0c25413c612
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4825170135112427554
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 568D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
syncPartner
sync.outbrain.com/ Frame 568D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28CLcQimDYkPwGJyHtBKcvKGgIvEIJ_DtE7NM5a3_pSFidJMaTWy3_6CzLGCIF7GqQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&obuid=ENC(CLcQimDYkPwGJyHtBKcvKGgIvEIJ_DtE7NM5a3_pSFidJMaTWy3_6CzLGCIF7GqQ)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:39 GMT
Cache-Control
no-cache
X-TraceId
a3ecddeac614b0bd4d78650eee9c2608
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Wed, 05 May 2021 06:58:38 GMT
X-TraceId
cafd81b70d38ba0435371c2fbff42986
Content-Length
0
sync
sync.srv.stackadapt.com/ Frame 568D 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.53.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:37 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 568D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=51bb0cd6-ad6f-11eb-9401-21b6d33ec6a7
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=51bb0cd6-ad6f-11eb-9401-21b6d33ec6a7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=51bb0cd6-ad6f-11eb-9401-21b6d33ec6a7
Date
Wed, 05 May 2021 06:58:38 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
51bb33e7-ad6f-11eb-9401-21b6d33ec6a7
services
sync.technoratimedia.com/ Frame 568D 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:38 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
688837230
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 568D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:37 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 568D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Wed, 05 May 2021 06:58:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 568D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=5b2d2080-3de2-4f49-9af7-9e063c8a6339
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=5b2d2080-3de2-4f49-9af7-9e063c8a6339
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=5b2d2080-3de2-4f49-9af7-9e063c8a6339
date
Wed, 05 May 2021 06:58:38 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-9d954441-2757-4671-a350-39c57553a1c5-003
sync.targeting.unrulymedia.com/csync/ Frame 568D
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3718062467
  • https://sync.1rx.io/usersync/tradedesk/55190a47-a515-474d-a0ea-c177092f9d08
  • https://sync.targeting.unrulymedia.com/csync/RX-9d954441-2757-4671-a350-39c57553a1c5-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-9d954441-2757-4671-a350-39c57553a1c5-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-9d954441-2757-4671-a350-39c57553a1c5-003
pragma
no-cache
date
Wed, 05 May 2021 06:58:36 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
usersync
rtb.gumgum.com/ Frame 568D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=Fb3VGNVg90YR&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=Fb3VGNVg90YR&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:37 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=Fb3VGNVg90YR&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-nsp9m
expires
-1
merge
ce.lijit.com/ Frame 568D 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 1B95
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4
  • https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAviu1qAA4&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAviu1qAA4&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YJJCIAAAviu1qAA4&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YJJCIAAAviu1qAA4&gdpr=1&gdpr_consent=&_test=YJJCIAAAviu1qAA4
accept-ranges
bytes
date
Wed, 05 May 2021 06:58:40 GMT
via
1.1 varnish
x-served-by
cache-hhn4039-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1620197920.127798,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 92A9 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYWI1YmViNC04YmY5LTRhZDItODk4Ny1mNzc1ZGZjNjQzYmY=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8wYWI1YmViNC04YmY5LTRhZDItODk4Ny1mNzc1ZGZjNjQzYmY=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlp5dh34JIYii7ofirOzvFEWPMPY6fVreBHVd5OFM_x8ht6q4fmhNtCn8SIyIA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Wed, 05 May 2021 06:58:36 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DFCF 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63050
Expires
Thu, 06 May 2021 00:29:26 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 626A 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=55190a47-a515-474d-a0ea-c177092f9d08; TDCPM=CAEYBSABKAIyCwio2IT5vefHORAFOAE.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:36 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 66C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Wed, 05 May 2021 06:58:39 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 7257
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2LAEAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2LAEAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YJJCHsCo5s0AANl2LAEAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 05 May 2021 06:58:38 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YJJCHsCo5s0AANl2LAEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
4
X-SO-HostName
a-ad40384.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":8,"gdpr":true,"ipv4":"0.0.0.0","key":"YJJCHsCo5s0AANl2LAEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40384"}
X-SO-Key
YJJCHsCo5s0AANl2LAEAAAAA
X-SO-IP
82.102.20.235
X-SO-Cluster-ID
8
X-SO-Upstream-ID
a-ad40384
usersync
rtb.gumgum.com/ Frame 932C
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019771555001
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871316019771555001
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871316019771555001
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 05 May 2021 06:58:37 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmRgaGluaWhuYmwOAJ4G1sgQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 30 May 2022 06:58:37 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDQ3NzQ1NTUwMBTiM9QNyUrXLXNNMzZ0Nk8FAMFyYiIlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDQ3NzQ1NTUwMBTiM9QNyUrXLXNNMzZ0Nk-V4jU0MwIpsDQ0NzE2BwDZxhmlNAAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 30 May 2022 06:58:37 GMT; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871316019771555001
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 396D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_0ab5beb4-8bf9-4ad2-8987-f775dfc643bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 05 May 2021 06:58:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 05 May 2021 06:58:37 GMT Wed, 05 May 2021 06:58:37 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=IDME5KtY0ascAC41kVd5&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9B47 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=25816
Expires
Wed, 05 May 2021 14:08:52 GMT
Date
Wed, 05 May 2021 06:58:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 11F1 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
affc80c4-1c36-4bc7-9d1f-fe6bc3c1e105
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 341C 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:58:37 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid
e90f2e41-74b5-4a7a-bc48-23cf1131e465
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
43DC375E76D49513
an.yandex.ru/setud/adsniper/ Frame 4BBB
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABighMmEBlIFl4XSlAY*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARighMmEBlIFl4XSlAaiARBShKCwrW8R66DXACWQ5Fw4
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABighMmEBqIBEFKEoLCtbxHroNcAJZDkXDg*
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARighMmEBqIBEFKEoLCtbxHroNcAJZDkXDg*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5284a0b0-ad6f-11eb-a0d7-002590e45c38
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5284a0b0-ad6f-11eb-a0d7-002590e45c38&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=VereIbRCR1wL8ce406Y4mA&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=VereIbRCR1wL8ce406Y4mA&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=VereIbRCR1wL8ce406Y4mA&extra2=aidata&google_gid=CAESEORFg7MFn4H0MhOwi9yTOt8&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=VereIbRCR1wL8ce406Y4mA&extra2=aidata&google_gid=CAESEORFg7MFn4H0MhOwi9yTOt8&google_cver=1
  • https://an.yandex.ru/setud/adsniper/43DC375E76D49513?sign=3129796333
  • https://an.yandex.ru/setud/adsniper/43DC375E76D49513?redir-setuniq=1&sign=3129796333
43 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/adsniper/43DC375E76D49513?redir-setuniq=1&sign=3129796333
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:41 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:58:41 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 05 May 2021 06:58:41 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:40 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:58:40 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/setud/adsniper/43DC375E76D49513?redir-setuniq=1&sign=3129796333
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 05 May 2021 06:58:40 GMT
usync.html
eus.rubiconproject.com/ Frame 4923
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=635e20d7-a90a-527d-b5dc-7616d54e340e&CACHEBUSTER=469458
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:58:41 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Wed, 05 May 2021 06:58:41 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame 4923 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:58:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17750
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Wed, 05 May 2021 11:54:31 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4923 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
pixel.gif
sync.1dmp.io/ Frame 4BBB
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=635e20d7-a90a-527d-b5dc-7616d54e340e
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=635e20d7-a90a-527d-b5dc-7616d54e340e&cs=1
35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=635e20d7-a90a-527d-b5dc-7616d54e340e&cs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.100.46.78.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:41 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=635e20d7-a90a-527d-b5dc-7616d54e340e&cs=1
date
Wed, 05 May 2021 06:58:41 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
469458
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 4BBB
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/469458
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/469458
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/469458
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
tns-counter-3.1.0/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:41 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
tns-counter-3.1.0/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:41 GMT
server
tns-counter-3.1.0/1.18.0
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/469458
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
betweendata
api.rees46.com/profile/ Frame 4BBB 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.rees46.com/profile/betweendata?rand=469458
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.99.242.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
a02.smtp.rees46.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:41 GMT
access-control-allow-credentials
true
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
RX-fb52c2fb-7462-4fe4-a45d-8cf9a7bafd8c-003
sync.targeting.unrulymedia.com/csync/ Frame 4BBB
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=635e20d7-a90a-527d-b5dc-7616d54e340e&expires=30
  • https://sync.1rx.io/usersync/bidswitch/29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/29f4fd2a-01e9-4e9c-b2a9-161fda79c0bb?zcc=1&dspret=0&cb=1620197921819
  • https://sync.targeting.unrulymedia.com/csync/RX-fb52c2fb-7462-4fe4-a45d-8cf9a7bafd8c-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-fb52c2fb-7462-4fe4-a45d-8cf9a7bafd8c-003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:58:41 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-fb52c2fb-7462-4fe4-a45d-8cf9a7bafd8c-003
pragma
no-cache
date
Wed, 05 May 2021 06:58:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
/
onetag-sys.com/usync/ Frame 5990 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=635e20d7-a90a-527d-b5dc-7616d54e340e&CACHEBUSTER=469458
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5d1628750185ace
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cache.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
635e20d7-a90a-527d-b5dc-7616d54e340e
an.yandex.ru/mapuid/betweendigitalis/ Frame 4BBB
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F635e20d7-a90a-527d-b5dc-7616d54e340e
  • https://an.yandex.ru/mapuid/betweendigitalis/635e20d7-a90a-527d-b5dc-7616d54e340e
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/635e20d7-a90a-527d-b5dc-7616d54e340e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:42 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:58:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 05 May 2021 06:58:42 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/635e20d7-a90a-527d-b5dc-7616d54e340e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync.html
s.adtelligent.com/ Frame 4BBB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adtelligent.com/sync.html?aid=582266
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://cache.betweendigital.com
Access-Control-Allow-Credentials
true
sync
t.adx.opera.com/ Frame 4BBB 		0
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60039&uid=635e20d7-a90a-527d-b5dc-7616d54e340e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:58:42 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=a6b82fac6adad984288825a4&gdpr=1&gdpr_consent=
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=a6b82fac6adad984288825a4&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| DP_jQuery_1620197910597 function| parseFloat2 number| popupWidth function| popMatch function| popBasketMatch function| getBasketMatchLink function| popBasketPlayer function| popTeam function| getTeamLink function| getBasketTeamLink function| getMatchLink function| getComparisonLink function| getBasketComparisonLink function| translateChars function| popStadium function| popTeamTab function| popTahmin function| popBasketTeam function| popVolleyTeam function| popVolleyMatch function| popLeague function| getLeagueLink function| getLeagueSeasonLink function| getBasketballLeagueSeasonLink function| popBasketLeague function| popLeagueSeason function| popF1Driver function| popF1Team function| popF1Race function| popAnket function| popLeagueNews function| popLeagueForum function| popStatistics function| popPlayer function| getPlayerLink function| popManager function| popBasketManager function| popComparison function| popBasketComparison function| popReferee function| popBasketLeagueSeason function| popVolleyLeagueSeason function| popCoupon function| popCouponDetail function| block function| fadeIn function| fadeOut object| SortedColumn function| submitenter function| StringBuilder function| getCookie function| setCookie function| highlight function| blinkIt function| replaceTurkish function| isToday undefined| ieversion function| NavigationChangePageSize function| popDuelloDialog function| popDuelloDialogUser function| popBasketDuelloDialogUser function| popDuelloDialogResult function| isIddaaCode function| openNesineCanli function| openNesineMarket function| openNesineBCanli function| openNesineIddaa function| openNesineBIddaa function| openNesineMacDetay function| openNesineBMacDetay object| Medyanet_Display_Settings string| dtCh number| minYear number| maxYear function| isInteger function| stripCharsInBag function| daysInFebruary function| DaysArray function| isDate function| ValidateForm object| Mackolik object| AdmostClient boolean| _cookieTest string| SMALL_FLAG_PATH string| ICON_PATH string| GROUP_FLAG_PATH string| TEAM_LOGO_PATH string| BTEAM_LOGO_PATH string| USR_APP_ROOT string| APP_ROOT string| IMG_PATH string| JS_ROOT string| LOGO_PATH string| BASKET_GROUP_PATH undefined| windowProxy function| OpenForgotDiv number| firstDotIndex function| Class object| Porthole string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| udm_ object| _comscore object| COMSCORE object| ns_p string| GoogleAnalyticsObject function| ga string| ua object| cookieconsent_options boolean| hasCookieConsent function| search function| validateIddaaText function| searchIddaa number| activeMenu object| _0x5928 function| _0x385b function| _typeof undefined| ReklamUpArsivMackolikCom object| googletag function| screenArea function| infiniteAds object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt function| _amw1 function| openWapIframe object| jQuery18204692035417324367 number| activeNewsPage boolean| boolSlideNews function| gotoNews boolean| has_panels boolean| has_filmstrip number| strip_size object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| slide_direction object| ggeac object| google_js_reporting_queue undefined| ReklamUpStickyFooter number| _timer function| showBanner object| data number| j object| cell function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id number| google_global_correlator object| jQuery18206110658609568118 object| __twttrll object| twttr object| __twttr object| closure_lm_811442 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| expireTime number| begin number| end function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| cintvls number| cont function| sticky_relocate_master function| hj object| _hjSettings object| tmp object| dimml string| nextContent string| nextType string| prevContent string| prevType string| k function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray undefined| ReklamUpNativeBox object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| update_cookieconsent_options object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.mackolik.com/ Name: __gads
Value: ID=dd16ec243c38cb19:T=1620197911:S=ALNI_Mag8sXn9pnMqjX_69ldPcPRxiKOcg
arsiv.mackolik.com/ Name: intdate
Value: 1620197912222
arsiv.mackolik.com/ Name: am_cookie_test
Value: true
.mackolik.com/ Name: _gid
Value: GA1.2.1441018505.1620197911
.mackolik.com/ Name: _hjid
Value: 13afcb92-ac0e-4fc7-a58a-468191065a66
.mackolik.com/ Name: _hjTLDTest
Value: 1
.mackolik.com/ Name: _gat
Value: 1
.mackolik.com/ Name: _hjFirstSeen
Value: 1
.mackolik.com/ Name: _ga
Value: GA1.2.818289258.1620197911
.mackolik.com/ Name: __gfp_64b
Value: X_ZxgQIf_mZ_ddNVBpIGQ3gKip3OFrlR46eRP.Tdikr.I7|1620197911

7 Console Messages

Source Level URL
Text
console-api log URL: http://cm.cdn.md/js5/porthole.js(Line 123)
Message:
Porthole: Using built-in browser support
console-api log URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
Safari control removed!
console-api log URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
QUARK PLAYER: Version 1.20.1
console-api error URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
GEMIUS PLUGIN NOT LOADED
console-api info URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 http://arsiv.mackolik.com/Default.aspx
console-api log URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=8739111620197912201(Line 30)
Message:
%c [object HTMLImageElement]
console-api log URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=2013471620197912620(Line 30)
Message:
%c [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a951e109e69191f710f7cfd579a753a.safeframe.googlesyndication.com
a5007bfe6c4fdb9e8afd529eafa94ee4.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
admost-banner.b-cdn.net
adpone-d.openx.net
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.dk
adx.adform.net
ajax.googleapis.com
an.yandex.ru
aorta.clickagy.com
ap.lijit.com
api.rees46.com
arsiv.mackolik.com
b.scorecardresearch.com
b1sync.zemanta.com
baltar.dimml.io
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cache.betweendigital.com
cdn.ampproject.org
cdn.connectad.io
cdn.dimml.io
cdn.eksiup.com
cdnjs.cloudflare.com
ce.lijit.com
cm.cdn.md
cm.g.doubleclick.net
creativecdn.com
cs.emxdgt.com
csync.smartadserver.com
d.turn.com
data.adsrvr.org
daznplayervod.daznservices.com
ec-ns.sascdn.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
go.admost.com
googleads.g.doubleclick.net
gum.criteo.com
hb.adpone.com
hm.cdn.md
i.connectad.io
ib.adnxs.com
id.rlcdn.com
im.cdn.md
image6.pubmatic.com
images.performgroup.com
imasdk.googleapis.com
inv-nets.admixer.net
js.duhnet.tv
mackolik.com
mackolik.us
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.adhigh.net
randiul.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
run.admost.com
s.adtelligent.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
str.hit.gemius.pl
sync-tm.everesttech.net
sync.1dmp.io
sync.1rx.io
sync.bumlam.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
syndication.twitter.com
t.adx.opera.com
tags.bluekai.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.hit.gemius.pl
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.mackolik.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
i.connectad.io
ums.acuityplatform.com
104.111.230.142
104.244.42.136
116.202.218.103
13.224.111.125
13.224.111.129
13.224.111.23
13.224.111.48
142.250.185.194
142.250.185.226
146.0.227.110
151.101.113.108
151.101.114.49
159.253.128.183
169.197.150.7
178.250.2.131
18.156.0.31
18.159.8.206
18.185.0.221
18.193.131.224
18.195.155.181
185.184.8.30
185.29.133.58
185.42.236.147
185.64.190.78
185.86.137.32
188.42.196.115
193.0.160.128
193.122.128.135
193.232.148.153
195.244.32.71
195.244.38.50
198.148.27.140
2.16.186.91
2.18.232.159
2.18.233.180
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
2001:6d0:4001::226
202.241.208.56
213.19.147.45
213.19.162.31
216.52.2.48
217.19.248.132
23.37.42.132
23.45.99.241
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:36ce
2606:4700:20::681a:a19
2606:4700:3030::6815:5a95
2606:4700::6810:135e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c04::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba29
2a02:6b8::90
2a02:6ea0:c700::3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.121.66.166
31.172.81.160
31.172.81.172
34.197.48.164
34.98.64.218
35.156.106.231
35.210.53.219
35.227.252.103
35.244.174.68
37.157.2.234
37.157.6.246
37.252.172.250
37.252.173.62
5.254.23.213
51.195.89.103
51.89.9.251
52.1.224.136
52.210.44.111
52.44.53.247
52.48.175.241
52.57.228.122
52.95.123.167
54.229.148.178
65.9.66.9
65.9.84.39
66.155.71.150
68.232.35.16
69.173.144.138
69.173.144.139
69.173.144.165
70.42.32.159
72.251.249.13
76.223.111.131
78.46.100.125
79.137.69.120
79.137.69.91
8.43.72.97
82.145.213.8
88.99.242.108
89.108.120.68
89.187.169.15
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
034fbd1d732f876e804bc88fcdf198fbc35eb1d20dddfe549f4b697deda9a49f
037921b880f09ad6fadb833e28069c2dc8a6f5564587bad9695885b3b62ffae9
03c5ecd23de9807d07b82e5273dac606b5369ce5e1f838593f0a672408917032
04a6b8d171809bcc49550f473576d2f079093a306cb81e95fcb7f6d1a0ea3de8
05166fb32ea140fdb02d6c7786150ee38c6788871f9aea52fff785a55ae7a133
051bcb4e7ec2e3a0a3e136cc2cc74f650f78a389ac7e4d88a8bc2d27d10859c1
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb1eabd69d92512d90ba3c6eee9a10c717971c2ad51fb7007fe339a1676130e
0be4f543ecce71aa0e5096763d2834f52ff57e754e2f549219c3148c17534aab
0f2942b414a2db8e19bc57379fc2292df05dc4fa675979aa7063af6e5fa36d34
0fbb0f3cc4acc6cc02783efa87f41a41c106ff4a16ca15a26a9282ffaf55958c
113939c820b3432933472ce3a627acd88c9ff77b7ed47b57c8e23a48edd347a0
12bb3a8cbbbbe578fc0e90eae189437733fc4cae4a46679c6e0e5269fde0932e
12ede91a905350378daf0b12a4c34e774f688a67f98c9becc8793277e8c05b24
146c53518c6967e7e13ea9b117028f06b5af60bc1035e670ff35fede53253a30
1820b768bbed677d552ebb3a64b1141c0c48c64acd3dba9cd63c188ca5c87da9
19b1fd9fd3e3ceee3544fd8171ae9ba68c76f81d400e32c5e4bee821ce10d4c6
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1c0ebfe3482cef643ce84216797b38555c84feacc385807066ce1c9d34c12f26
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1cac081799a0f288c62d4ad60a40e417f74dc3e3a1768d04f7a03de722cca911
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
1e089fe4af7bafaac381f0e4504e20ec5251795a7024ad64ecbda182d73dd2cb
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2592bf5caad2f216daf52f3cc9c413653814d0a57bac187151126fa52a83e31e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ccffddd7ff2e9c0cb1325a12c4786ece0872eac077ee85c4068482270e7f647
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
2daa16355e9f256003ba9f61924f2d18c8d4ad2d8a5718ecddc9f46ce8c4a8a5
30059fe736b52ba03a1baa615cd8767728003a2d1ed1711f6b3e21bb4b2b0806
304b66f36efdb01196fedac11298d1ea5e60f9da831768c9d2b3813e2671482e
3177712e455be4da8e6afb3efe5d1f5dd26346917d63c22becb6d1c953102362
326c750b0fa4d6087f7cb6d2338e7f692397b9bd1047a5d835cc69a25515fcbd
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875
3955a3073559f4f51c645bcef25f023a7c7cfba87d3bb1fb4a6c5fde2760e865
3ae830068399ffead55c272748252cda43e6103da5e6b0d673ae751c27d52200
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8
3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40dec174aaab79ae411c5fb19047fe06148ea88833bf6bf85e2e4e5d43071095
43522c2bf8d77ccab466f6334c7621176e0bcb6fe8604de4f56a2b6f8f615e0d
441f219ed57ed9ba64aedc1344c051924b4427e129a31df2528bd7e53d5cb7b5
47c9ac90d4519600c96b8e3a69bb9f6d6bf39cdf1dff9aae44306e0ceeab02d0
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283
535db9e927c69a50d41d640b27ac3519de1f846b730889f94ac81a0a2ba83179
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
574f4a4a3338f3d2972c605bdccef07a223aa0bee14fdec68a8f7a4a41254273
58f047e5fdba8b46c00955c2986b253772a95da12ffdaa2eda3742a63d24ce30
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5ab2cb2850706571717a74499e8430164270ac8305586d45e1d0a3581f43a8b9
5ae42226599cbac001f2db8f5a32cb3f389de9893e4f9e1d88de3118fefa412f
5aff8b1abcb6212d44a19927db2e892166a403245e076a5f6b64e6d9dac3bbd2
5d0070afe85ad97f374bb2c0e442853497a1c9aba921a320c7667ffc3cd6d34a
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5ddba1b88761ecbf8a4fea3fb755c052acbcaeb5d5653aadbc01e44f6aa5896d
5de32e0c88c0eac8aadc5019f9623bb048138e0aac11dcf58b2031fd7551efd7
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
611a7dd3b2291b8d305deaf3398c20aa9f7418f1d7bbfa7d64fa6396682bfdc4
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
61ac0055643f185e2957d5a8c5d8e7c1f526101ed2394381207ba1ac49b7f4ed
66c435bb13d0f81876077d0c43fa4a71c16678f77c85c22c316dff503156d969
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
6793b37a48a4b85151458405cf6c5b9e4f18039328cb14fc8e32e29177a08b65
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69873a509d7778dd4944bd0104f65d4be282c13b7cf76210e6dae06f32c249d1
6997ed5d149499d545612b3dffb3b16f2ae9b3f10c7193533115e09ae4733012
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b332c513c3c2b26ba403cc70c0f497cfe340849107814ead09f37f97d0bfa94
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0
709edf07ebabeb5d4a2e3a0e7ac5fc920b86e8c8bfc27d5440f7b760b292953e
70c7df659b1df344d3d9013ee1a69b63aec2902fd81e54d7ab623a84a58458fc
71da956c41c2147c988d4d8c98db749c20b9e4f50f51a4a8c665c12c962d54b3
71de2b556685fe99997bb893a59d4a6aaa0c915633f646db2ce030bbda438de1
72ed32e45bc0b57f35d56a870a7adb3456bca2a9734683a524206eb60bc8b37a
73e458e1ca6caf7a393f417ee0aec26bfb3b178821b74e12d97644da528b6f2b
7709df895a6a66348aaf1b8045c84eb9032075ec9e2f94ef03a2ca03b01c35f9
796027d4dba4cd6269e6f40609144c06aaff52be2ae40faa09e8240d19d0215f
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad
7be05514fe338ed6cfbab82e994319ab6bab03cc038a24e6e6bbf99980e9e5f2
7d0b543297c8291823e3ef2cebdfe9314dbf3dd9c07a3eea22f874ba6059619b
801739505e546b0de4cc1be031d92e22aa81668a2720e49648ec45fec81b0a2c
812031ef332b67aa8f3efe65e4dec304864ceb58b8442e08cdbdd82be187ce55
81f5e8672a0895c95e0d3e3a500778d9f39c854fb3be84ebcc29846876cf30da
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f62bab518d4361760ce012f3a798227d475675247030768af11ae1f0c56d98
86efa42fcec119039e2eb953c8030585e3831fcbd38f2b9e3c342e1437feb35c
86fdcf3cffbd5630628c700977c61ff89743b3481ab7e5ac970f6aaeb4928e41
87067822b7a1880e918f8d8648a8df3bbc9ac01c1fb0cec2aefa15e8f5751ec8
873ebd413711780ef503eb0d9adc5f26a8f1addb18e5b407fb345ec51d61a61e
8985bad9bc1075a1519bc3cc1baba8fd995256b3f8f6d6a511de5302077a05fd
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8ce272d8e9eeb3c38d65114afbbbf95a4ca9ca6794c857b6fa93fc55a3183f92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc1424a555499c829123605526f6f425ebf0329a8f770a0cfcafc37aab81761
8ec3eb4e98e6667ad6a6ab471e6de5ba7d8bdd2caedde38d888ba5dfaad30599
8f748c119d9d5751485d0df940353e5e21757a21874166a52e71fdd67a409f97
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
91365534c6efb0b5b61a167af1e26b5be0cc73a60db9d1cfb898bb2adc6d3bb6
91efa6a1a0c5ad24ef521207ac840df4f5ff7ce6a21aa884dcc066780f919a3d
932bdfb828436b081101296ca3c21e1232156bb95ecce0ab39c0f34dc4086dc9
939ec52ac0dd04dc5bcbd3fe8f4027e42a79989d9a7588fecd2c85aaa2987ba2
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
97d4d828b296784064da5cb5cd0ff1bfb74d87a79714d117bdf6896b31d94ced
983cfd08e05acbb6688d3b881f39dc1d875970138ff41c4c9a1374f4cb399014
98ed689434c165dcaee863a2f9d1880d3c8827f1133a1ff1051e74d2e2b51166
99b5e9bdcd8b2fe01d9952d123885bbc4d0b9db3c6ac42774e82607ca0bd3147
99e55b7c506804ba286a8b3e3ad537d7a92b2938a500a6d74752df22b2a4aa3e
9b96ab2181b5d4d1ef4a6fd4941cae4c36091541f74f14a7ac9f78e8d9af7ff1
9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51
9e819dba55e363c3ff35efb9ae33c236175dc6f5ae7ee1bd7625a90fa69c620f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a13329727556eb03b67a9ae8a13ced0ba088dc4d11dfa26570e78ff7cbe2bb56
a156603d59ff5dfa2ffadffe143de68ce7eb50071ba19a45ccaa2c54d7beb1cc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a36d2783b76f102e1a222a4e74a7a85435f3d5567663893c72c1c5eb13d80ef5
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54bba77b3aeac1b0a38caee5711c2c452e3eac65ae4238f5b0716b9436e6e56
a6121e496afc82cd9dac0022c7824ef5af01e40e99e4f1171729d1e486ea20d6
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a9096d6bba69fbb15ce989b66952071a508d8e5b4e4fc156f00685b0bfa4f3dc
a91d2339b87d400657d27011d1e418ad9e65d7d60727101a64f12278b42f5412
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
affa7d0257fe05717ee0484e34d3747939c9f66cbffd49a6b62c15781d427b11
b08835e0e96d0237ab2ed9d316a032b5219ed5b68c201cca1eb48180aa13149e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b163c3f82950b86b14aa43d3ed0e9134a77194fe4d3ca5beaa9b5b8d5a9007df
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b330185debf5b68b194745f70960707b011604fc0b76ef9be8b68ba9494c5390
b58a7dca52843d7ec6220c7c11b9bc910372b7bdabd270c385c837b66b14add4
b653f066f750ee7c49d7625ecca7cf8c9aa713e7c2aed11255c663b43479d732
b66f827c8c5c0d83875a613a8a368400d21737bf51518cd620da2ffbed3fa9fc
b9373534d408ef10e20b3e0653c9d4b901e94a81237b9cdef1cc06c8a0464756
b9a09427f1a1422f7302c8eaf58695c42f47466675e86202ebe401a9548adddb
baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
bd5fcf182e343c02c360c3a5080eb4499a4a5e297783b2728306443dd54c4bae
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf45c708f176130ce7fe17dcfbade7165509155816456df832e31c79110b50d0
c123ad847c18a2ec3113d9754a655569ee100e494f0cee10c574008c16ab64a7
c13f5ac7ae0e10138056f4c238226392ad28e883f78d3e19fb43dcb9c1b58582
c1517ff23b17159795e65199e7fc06805bc36c10fe95ef8cd6b696b0fc3b7744
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1
c45435989dbfa92ad5a498960feea35a92a8ccfa8032d929c29e6da89114e737
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c
c9c38108e1d41c38a1405cce69bece237c395cea9cf21457e45e2ac498cf3cad
caa8795fdc2d03becd1b1fadaf4ba16ca8a02a18bc901b67a305ad70ab39c9e3
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ccfbcccdd761f6901f9c2225e022cc7fd07f82a15df3170c210996e9d6cae089
cd807ea3a77c9f394aa0f9ee99f8f16d73bc39416d92caa113aa49625718ca5d
ce94599488ec9e8c575525914a25e9c7d97fabebf8570ce64939fea303cca39f
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1a95693da4f11aa4645d8ed704614f14679cb6d46e3a2b67137d81f036eaba2
d34307c9a22438c45e974f24d07f41f83227ecbf729a1a3b0f36cb0c38f1b30c
d5004a9ada961a31405757982290a429a8c264b2a154659e32fab194b53d140c
d66dc6840a8eadb430f444575c3d5b03b37c823a10b42edaf12228f4b7d8bc46
d7771dde2892e058642cecd14c076c7d5290028bad01d52bbbff01ddcd17867b
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561
d8f3158538563e9d17b8f1e736a6bba0edc169188048863bdbb6eb71a01f02ad
da6abd5cd7d7da4e9caaee5f07b1a613641a2ddb09f0934917fa7b31003c7797
dce881df37ece3503fb95205b1392bb7c8c1aabc95d084e4d0df71ceef7a39c1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd3d7df053b380f29e44cfe015b1a5044f3403ae606aa6f8594b2142dff091a2
ddc21f2e288de35020ce7562ae82a1f3f1716996ccd3c52747b4fda5f2136631
de00817d2456b6108f78a2774d70d1ab8658a5ba300ab4023c55dd2817de052a
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395
e339219d347effa315af137b67c0442a018ed4e5f38c2c2748d994644a372ab2
e3a18f24b2e9053869d6fb6745303dd7289043df0a84c92c1c71aee1e27f57d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335
e471e87ed4beab1580036363f9cf3a9877751cacbffa0bab58b83cc6cf944f8b
e4e15130fc7346fd63867b471eea31d6f963ef06c40b7b92aef42ff18aa863b5
e85ed70f54fcdcdbf8739151b7398df3e8bcb38f4afd38dba0e6ac802dd30995
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eea9e4b49d8ea034a8cd413e010d6b4dc813f1348c13bec61192db29f85739d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0754ba26b5564598ef1b014fd26e849540f2fe60303f91522f25d2a65b04f0f
f20dafc9f52f410cb8d31261d8eb82197df655c212e3c4c679937553f9353526
f2746d579ec65d660dbf80cd603d3aa0d9e00378fcf9d912fef9989a1e044920
f2ff5e9280f6a481345116d335ff6f334378f045afed98c85815e3c3a717dbd3
f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb
f46774ce119fe427877f181509287b971834830f0b61155e904d123bfce03bfe
f46a49ff8b39217e671ff9918f524b6c25e179d6505d8972bdd4de06b250bb0b
f5475b65460eee91e73904652540942377c61bd39da4743b2edd58969d36a5a8
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f82fa028dce989ca4321ce730ff7ebdf14845f2529464866c95f2b64c68a118d
f99658f600eb7f107a3504c806a5a5865d173edfe3de1b5e2c4d9593e234886a
f9cc986ad446124bd63a173147db95b5736f89ce93d212db264049dad917211d
f9f3facbbca03a3c32a03c74da2152f3888997c01e9c523e8801cc7e0d89d516
fa589b0dc7e5cbc8fb038114db91bb6ecd872408092a0624fb47e798db79f56f
fc4c88210236fb8e2e96c0e8b048470b77b6a6067a20c8d1a18e0b94085b06e2
fcea0b2bf6dd0c2433efd74345c2bb5fbfb0b017ba404de6373d14b9596d872c
ff9e832991a492c92de8dca85225f55e5f19b3290292f411c9ef2ba31e59bdee